PT-2025-8244 · Linux+3 · Linux Kernel+3

Hangyu Hua

Published

2022-01-01

Updated

2025-04-14

CVE-2022-49310

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A refcount leak issue has been identified in the Linux kernel, specifically in the xillybus char driver. The problem arises from the use of usb get dev in xillyusb probe, which requires a corresponding call to usb put dev before the device xdev is released to prevent the leak.

Recommendations For the affected Linux kernel version, consider applying the fix that includes calling usb put dev before releasing xdev to mitigate the refcount leak issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-49310

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Debian

Linux Kernel

Suse

PT-2025-8244 · Linux+3 · Linux Kernel+3

CVE-2022-49310

Related Identifiers

Affected Products

References · 1328