| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025022622-CVE-2022-49224-8d81@gregkh> Date: Wed, 26 Feb 2025 02:57:09 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49224: power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init Description =========== In the Linux kernel, the following vulnerability has been resolved: power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object. Fix memory leak by calling kobject_put(). The Linux kernel CVE team has assigned CVE-2022-49224 to this issue. Affected and fixed versions =========================== Issue introduced in 4.9 with commit 8c0984e5a75337df513047ec92a6c09d78e3e5cd and fixed in 4.9.311 with commit 31cdf7897dba1f096b74f69d840f0575b8cdb9ae Issue introduced in 4.9 with commit 8c0984e5a75337df513047ec92a6c09d78e3e5cd and fixed in 4.14.276 with commit 19aa3c98ed7b2616e105946cec804f897837ab84 Issue introduced in 4.9 with commit 8c0984e5a75337df513047ec92a6c09d78e3e5cd and fixed in 4.19.238 with commit db3a61ef8e6aef3b888baa6a85926c2230c2cc56 Issue introduced in 4.9 with commit 8c0984e5a75337df513047ec92a6c09d78e3e5cd and fixed in 5.4.189 with commit 41ed61364285ff38bbbe9ca8a45c8372ba72921d Issue introduced in 4.9 with commit 8c0984e5a75337df513047ec92a6c09d78e3e5cd and fixed in 5.10.110 with commit 879356a6a05559582b0a7895d86d2d4359745c08 Issue introduced in 4.9 with commit 8c0984e5a75337df513047ec92a6c09d78e3e5cd and fixed in 5.15.33 with commit ffb8e92b4cef92bd25563cf3d8b4489eb22bc61f Issue introduced in 4.9 with commit 8c0984e5a75337df513047ec92a6c09d78e3e5cd and fixed in 5.16.19 with commit 261041097ab3470f1120b7733cbf472712304d1e Issue introduced in 4.9 with commit 8c0984e5a75337df513047ec92a6c09d78e3e5cd and fixed in 5.17.2 with commit c32f6b6196b6efc1c68990dfeaac36fb8eb3b8e1 Issue introduced in 4.9 with commit 8c0984e5a75337df513047ec92a6c09d78e3e5cd and fixed in 5.18 with commit 6a4760463dbc6b603690938c468839985189ce0a Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49224 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/power/supply/ab8500_fg.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/31cdf7897dba1f096b74f69d840f0575b8cdb9ae https://git.kernel.org/stable/c/19aa3c98ed7b2616e105946cec804f897837ab84 https://git.kernel.org/stable/c/db3a61ef8e6aef3b888baa6a85926c2230c2cc56 https://git.kernel.org/stable/c/41ed61364285ff38bbbe9ca8a45c8372ba72921d https://git.kernel.org/stable/c/879356a6a05559582b0a7895d86d2d4359745c08 https://git.kernel.org/stable/c/ffb8e92b4cef92bd25563cf3d8b4489eb22bc61f https://git.kernel.org/stable/c/261041097ab3470f1120b7733cbf472712304d1e https://git.kernel.org/stable/c/c32f6b6196b6efc1c68990dfeaac36fb8eb3b8e1 https://git.kernel.org/stable/c/6a4760463dbc6b603690938c468839985189ce0a
Powered by blists - more mailing lists