CVE-2022-49757

EDAC/highbank: Fix memory leak in highbank_mc_probe()

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: EDAC/highbank: Fix memory leak in highbank_mc_probe() When devres_open_group() fails, it returns -ENOMEM without freeing memory
allocated by edac_mc_alloc(). Call edac_mc_free() on the error handling path to avoid a memory leak. [ bp: Massage commit message. ]

In the Linux kernel, the following vulnerability has been resolved: EDAC/highbank: Fix memory leak in highbank_mc_probe() When devres_open_group() fails, it returns -ENOMEM without freeing memory allocated by edac_mc_alloc(). Call edac_mc_free() on the error handling path to avoid a memory leak. [ bp: Massage commit message. ]

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2025-03-27 CVE Reserved
2025-03-27 CVE Published
2026-05-10 EPSS Updated
2026-05-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-401: Missing Release of Memory after Effective Lifetime

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/a1b01edb274518c7da6d69b84e7558c092282aad	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/f1b3e23ed8df87d779ee86ac37f379e79a24169a	2023-02-06
https://git.kernel.org/stable/c/0db40e23b56d217eebd385bebb64057ef764b2c7	2023-02-06
https://git.kernel.org/stable/c/8d23f5d25264beb223ee79cdb530b88c237719fc	2023-02-06
https://git.kernel.org/stable/c/329fbd260352a7b9a83781d8b8bd96f95844a51f	2023-02-01
https://git.kernel.org/stable/c/caffa7fed1397d1395052272c93900176de86557	2023-02-01
https://git.kernel.org/stable/c/b7863ef8a8f0fee96b4eb41211f4918c0e047253	2023-02-01
https://git.kernel.org/stable/c/e7a293658c20a7945014570e1921bf7d25d68a36	2023-01-03

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.6 < 4.14.305 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 4.14.305"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.6 < 4.19.272 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 4.19.272"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.6 < 5.4.231 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 5.4.231"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.6 < 5.10.166 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 5.10.166"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.6 < 5.15.91 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 5.15.91"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.6 < 6.1.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 6.1.9"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.6 < 6.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.6 < 6.2"		en		Affected