PT-2025-18639 · Linux+2 · Linux Kernel+2

Published

2025-05-01

Updated

2025-07-10

CVE-2022-49922

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A potential memory leak has been resolved in the Linux kernel. The issue occurs in the nfcmrvl i2c nci send() function, which is called by nfcmrvl nci send(). The skb should be freed in nfcmrvl i2c nci send(), but it is only freed when i2c master send() returns a value greater than or equal to 0. This means that skb will leak memory when i2c master send() fails. The fix ensures that skb is freed regardless of whether i2c master send() succeeds.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

CVE-2022-49922

SUSE-SU-2025:01918-1

SUSE-SU-2025:01966-1

SUSE-SU-2025:01982-1

SUSE-SU-2025:01983-1

SUSE-SU-2025:01995-1

SUSE-SU-2025:02173-1

SUSE-SU-2025:02262-1

SUSE-SU-2025:2173-1

SUSE-SU-2025_01982-1

SUSE-SU-2025_01983-1

SUSE-SU-2025_02173-1

SUSE-SU-2025_02262-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-18639 · Linux+2 · Linux Kernel+2

CVE-2022-49922

Weakness Enumeration

Related Identifiers

Affected Products

References · 750