PT-2025-8319 · Linux+2 · Linux Kernel+2

Schspa Shi

Published

2022-05-19

Updated

2025-05-20

CVE-2022-49385

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free (UAF) issue was found in the Linux kernel. The problem occurs when the driver attach function fails, causing the driver private to be freed while still being part of the bus. This results in a UAF condition.

Recommendations To fix the issue, delete the driver from the bus when the driver attach function fails.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2025-10270

CVE-2022-49385

OESA-2025-1465

OPENSUSE-SU-2025_1263-1

RHSA-2025:14744

RHSA-2025:14749

SUSE-SU-2025:01600-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025_01600-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-8319 · Linux+2 · Linux Kernel+2

CVE-2022-49385

Weakness Enumeration

Related Identifiers

Affected Products

References · 1509