PT-2025-8091 · Linux+3 · Linux Kernel+3

Ming Qian

Published

2022-01-01

Updated

2025-09-23

CVE-2022-49163

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A bug in the Linux kernel's imx-jpeg driver can cause an out-of-bounds array access when parsing jpeg data. If an error occurs before acquiring a slot, the driver may use an incorrect slot number, leading to unauthorized changes in the num domains variable. This can prevent the driver from detaching the pm domain during module removal, resulting in a kernel panic when attempting to reload the module.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-125

Related Identifiers

BDU:2026-03932

CVE-2022-49163

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Debian

Linux Kernel

Suse

PT-2025-8091 · Linux+3 · Linux Kernel+3

CVE-2022-49163

Weakness Enumeration

Related Identifiers

Affected Products

References · 1334