CVE-2022-49981

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49981
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49981.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49981
Related
Published
2025-06-18T11:15:25Z
Modified
2025-06-18T16:46:32.049274Z
Downstream
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

HID: hidraw: fix memory leak in hidraw_release()

Free the buffered reports before deleting the list entry.

BUG: memory leak unreferenced object 0xffff88810e72f180 (size 32): comm "softirq", pid 0, jiffies 4294945143 (age 16.080s) hex dump (first 32 bytes): 64 f3 c6 6a d1 88 07 04 00 00 00 00 00 00 00 00 d..j............ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<ffffffff814ac6c3>] kmemdup+0x23/0x50 mm/util.c:128 [<ffffffff8357c1d2>] kmemdup include/linux/fortify-string.h:440 [inline] [<ffffffff8357c1d2>] hidrawreportevent+0xa2/0x150 drivers/hid/hidraw.c:521 [<ffffffff8356ddad>] hidreportrawevent+0x27d/0x740 drivers/hid/hid-core.c:1992 [<ffffffff8356e41e>] hidinputreport+0x1ae/0x270 drivers/hid/hid-core.c:2065 [<ffffffff835f0d3f>] hidirqin+0x1ff/0x250 drivers/hid/usbhid/hid-core.c:284 [<ffffffff82d3c7f9>] _usbhcdgivebackurb+0xf9/0x230 drivers/usb/core/hcd.c:1670 [<ffffffff82d3cc26>] usbhcdgivebackurb+0x1b6/0x1d0 drivers/usb/core/hcd.c:1747 [<ffffffff82ef1e14>] dummytimer+0x8e4/0x14c0 drivers/usb/gadget/udc/dummyhcd.c:1988 [<ffffffff812f50a8>] calltimerfn+0x38/0x200 kernel/time/timer.c:1474 [<ffffffff812f5586>] expiretimers kernel/time/timer.c:1519 [inline] [<ffffffff812f5586>] _runtimers.part.0+0x316/0x430 kernel/time/timer.c:1790 [<ffffffff812f56e4>] _runtimers kernel/time/timer.c:1768 [inline] [<ffffffff812f56e4>] runtimersoftirq+0x44/0x90 kernel/time/timer.c:1803 [<ffffffff848000e6>] _dosoftirq+0xe6/0x2ea kernel/softirq.c:571 [<ffffffff81246db0>] invokesoftirq kernel/softirq.c:445 [inline] [<ffffffff81246db0>] _irqexitrcu kernel/softirq.c:650 [inline] [<ffffffff81246db0>] irqexitrcu+0xc0/0x110 kernel/softirq.c:662 [<ffffffff84574f02>] sysvecapictimerinterrupt+0xa2/0xd0 arch/x86/kernel/apic/apic.c:1106 [<ffffffff84600c8b>] asmsysvecapictimerinterrupt+0x1b/0x20 arch/x86/include/asm/idtentry.h:649 [<ffffffff8458a070>] nativesafehalt arch/x86/include/asm/irqflags.h:51 [inline] [<ffffffff8458a070>] archsafehalt arch/x86/include/asm/irqflags.h:89 [inline] [<ffffffff8458a070>] acpisafehalt drivers/acpi/processoridle.c:111 [inline] [<ffffffff8458a070>] acpiidledoentry+0xc0/0xd0 drivers/acpi/processor_idle.c:554

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.148-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1
5.10.140-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0.2-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0.2-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}