CVE-2022-49263

brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

MITRE
PS

In the Linux kernel, the following vulnerability has been resolved: brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path This avoids leaking memory if brcmf_chip_get_raminfo fails. Note that
the CLM blob is released in the device remove path.

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed.

*Credits: N/A

CVSS Scores

redhat-cnalrv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-02-26 CVE Reserved
2025-02-26 CVE Published
2025-05-04 CVE Updated
2025-06-28 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/82f93cf46d6007ffa003b2d4a2834563b6b84d21	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/d0ab87f8dcdfe72dc1d763be3392c1fc51a1ace2	2022-04-15
https://git.kernel.org/stable/c/f3820ddaf4f3ac80c7401ccc6a42e663c9317f31	2022-04-08
https://git.kernel.org/stable/c/a88337a06966f2d733ad9a97714b874469133f14	2022-04-08
https://git.kernel.org/stable/c/4e0b507597e1a86e9b4c056ab274c427223cf8ea	2022-04-08
https://git.kernel.org/stable/c/0347bdfdb1529994ac3a4cb425087c477a74eb2c	2022-04-08
https://git.kernel.org/stable/c/5e90f0f3ead014867dade7a22f93958119f5efab	2022-02-01

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2022-49263	2022-11-15
https://bugzilla.redhat.com/show_bug.cgi?id=2348286	2022-11-15

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4 < 5.4.189 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.4.189"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4 < 5.10.110 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.10.110"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4 < 5.15.33 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.15.33"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4 < 5.16.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.16.19"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4 < 5.17.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.17.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4 < 5.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.18"		en		Affected