CVE-2022-49923
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49923
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49923.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49923
- Related
- Published
- 2025-05-01T15:16:17Z
- Modified
- 2025-05-07T14:45:38.018681Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
nfc: nxp-nci: Fix potential memory leak in nxpncisend()
nxpncisend() will call nxpncii2cwrite(), and only free skb when nxpncii2cwrite() failed. However, even if the nxpncii2cwrite() run succeeds, the skb will not be freed in nxpncii2cwrite(). As the result, the skb will memleak. nxpncisend() should also free the skb when nxpncii2c_write() succeeds.
- References
-
- https://git.kernel.org/stable/c/3cba1f061bfe23fece2841129ca2862cdec29d5c
- https://git.kernel.org/stable/c/3ecf0f4227029b2c42e036b10ff6e5d09e20821e
- https://git.kernel.org/stable/c/7bf1ed6aff0f70434bd0cdd45495e83f1dffb551
- https://git.kernel.org/stable/c/9ae2c9a91ff068f4c3e392f47e8e26a1c9f85ebb
- https://security-tracker.debian.org/tracker/CVE-2022-49923
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.158-1
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source