DEBIAN-CVE-2022-49436
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-49436
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-49436.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-49436
- Upstream
- Published
- 2025-02-26T07:01:20Z
- Modified
- 2025-09-19T06:26:10Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: Fix leaking nvdimmeventsmap elements Right now 'char *' elements allocated for individual 'statid' in 'paprscmpriv.nvdimmeventsmap[]' during paprscmpmucheckevents(), get leaked in paprscmremove() and paprscmpmuregister(), paprscmpmucheckevents() error paths. Also individual 'statid' arent NULL terminated 'char *' instead they are fixed 8-byte sized identifiers. However paprscmpmuregister() assumes it to be a NULL terminated 'char *' and at other places it assumes it to be a 'paprscmperfstat.statid' sized string which is 8-byes in size. Fix this by allocating the memory for paprscmpriv.nvdimmeventsmap to also include space for 'statid' entries. This is possible since number of available events/statids are known upfront. This saves some memory and one extra level of indirection from 'nvdimmeventsmap' to 'statid'. Also rest of the code can continue to call 'kfree(paprscmpriv.nvdimmeventsmap)' without needing to iterate over the array and free up individual elements.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source