PT-2025-43072 · Linux+5 · Linux Kernel+5

Published

2022-12-08

Updated

2025-12-04

CVE-2022-50562

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a memory leak in the TPM (Trusted Platform Module) and ACPI (Advanced Configuration and Power Interface) subsystem. The issue arises because the acpi get table() function, used to retrieve ACPI information related to the event log area, is not consistently paired with a corresponding acpi put table() call to release the allocated memory. This results in a memory leak over time. The fix involves adding the necessary acpi put table() call to properly release the ACPI memory. Additionally, a redundant empty line at the end of the tpm read log acpi() function was removed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-404

Related Identifiers

BDU:2026-04014

CESA-2023_7077

CVE-2022-50562

RHSA-2023:6583

RHSA-2023:7077

RHSA-2023_6583

RHSA-2023_7077

SUSE-SU-2025:4111-1

SUSE-SU-2025:4139-1

SUSE-SU-2025:4149-1

SUSE-SU-2025:4320-1

Affected Products

Acpi

Centos

Linux Kernel

Red Hat

Suse

Tpm

PT-2025-43072 · Linux+5 · Linux Kernel+5

CVE-2022-50562

Weakness Enumeration

Related Identifiers

Affected Products

References · 452