CVE-2022-49121

In pm8001chipsetdevstatereq(), pm8001chipfwflashupdatereq(), pm80xxchipphyctlreq() and pm8001chipregdevreq() add missing calls to pm8001tagfree() to free the allocated tag when pm8001mpibuild_cmd() fails.

Similarly, in pm8001execinternaltaskabort(), if the chip ->taskabort method fails, the tag allocated for the abort request task must be freed. Add the missing call to pm8001tag_free().

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49121.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

dbf9bfe615717d1145f263c0049fe2328e6ed395

Fixed

a0bb65eadbf942024226241d9d99fed17168940b

Fixed

43c617eefab7077d69f5989ad3e2a273da1d728b

Fixed

bdc74815f1c39905054b7d47399e0260b201b14d

Fixed

9cc72bcc1c096ed42c91646f130d4b4191580a4c

Fixed

4c8f04b1905cd4b776d0b720463c091545478ef7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49121.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.6.33

Fixed

5.10.111

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.34

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

5.16.20

Type: ECOSYSTEM
Events: Introduced

5.17.0

Fixed

5.17.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49121.json"