PT-2025-8370 · Linux+2 · Linux Kernel+2
Published
2022-05-22
·
Updated
2025-04-14
·
CVE-2022-49436
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A memory leak issue has been identified in the Linux kernel, specifically in the powerpc/papr scm module. The leak occurs when
char * elements allocated for individual stat id in papr scm priv.nvdimm events map[] are not properly freed during error paths in papr scm pmu check events(), papr scm remove(), and papr scm pmu register(). The issue arises from inconsistent assumptions about the size and termination of stat id strings. To fix this, memory allocation for papr scm priv.nvdimm events map has been modified to include space for stat id entries, reducing memory usage and indirection.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Allocation of Resources Without Limits
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Suse