PT-2025-25908 · Linux+2 · Linux Kernel+2

Published

2022-06-20

Updated

2025-07-28

CVE-2022-49982

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue has been identified in the Linux kernel, specifically in the pvrusb2 media module. The error handling code in pvr2 hdw create fails to unregister the v4l2 device, leading to a memory leak when pvr2 hdw create returns to pvr2 context create and calls pvr2 context destroy to destroy the context. This issue arises because mp->hdw is NULL, causing pvr2 hdw destroy to return directly without properly handling the resource. The fix involves adding v4l2 device unregister to decrease the refcount of the USB interface.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

BDU:2026-02361

CVE-2022-49982

OESA-2025-1726

RHSA-2023:2458

RHSA-2023:2951

SUSE-SU-2025:02264-1

SUSE-SU-2025:02321-1

SUSE-SU-2025:02322-1

SUSE-SU-2025:02537-1

SUSE-SU-2025:2264-1

SUSE-SU-2025_02264-1

SUSE-SU-2025_02537-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-25908 · Linux+2 · Linux Kernel+2

CVE-2022-49982

Weakness Enumeration

Related Identifiers

Affected Products

References · 616