PT-2025-8586 · Linux+4 · Linux Kernel+4

Yi Zhang

Published

2023-05-16

Updated

2025-04-14

CVE-2022-49653

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak was found in the Linux kernel's i2c piix4 driver, specifically in the EFCH MMIO support code. The leak occurred because release resource() only removes the resource from the tree without freeing its memory, whereas release mem region() is required to free the memory. This issue was introduced by the recently added support for EFCH MMIO regions.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the memory leak in the i2c piix4 driver. As a temporary workaround, consider applying the patch that replaces release resource() with release mem region() in the affected code path.

Exploit

Fix

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

CESA-2023_2951

CVE-2022-49653

RHSA-2023:2951

RHSA-2023:6583

RHSA-2023_2951

RHSA-2023_6583

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2025-8586 · Linux+4 · Linux Kernel+4

CVE-2022-49653

Weakness Enumeration

Related Identifiers

Affected Products

References · 1328