PT-2025-8116 · Linux+3 · Linux Kernel+3

Miaoqian Lin

Published

2022-03-11

Updated

2025-09-29

CVE-2022-49188

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A issue in the Linux kernel has been identified, specifically in the remoteproc subsystem, qcom q6v5 mss. The problem arises from memory leaks in the q6v5 alloc memory region function. The device node pointer, which is returned by of parse phandle() or of get child by name() with an incremented refcount, is not properly released using of node put() in all cases, leading to memory leaks. This occurs because of node put(node) is only called when of address to resource succeeds, neglecting error cases.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-664CWE-401CWE-911

Related Identifiers

ALSA-2025_16880

BDU:2026-04320

CVE-2022-49188

RHSA-2022:8267

RHSA-2022_8267

SUSE-SU-2025:01600-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_01600-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Linux Kernel

Red Hat

Suse

PT-2025-8116 · Linux+3 · Linux Kernel+3

CVE-2022-49188

Weakness Enumeration

Related Identifiers

Affected Products

References · 1463