CVE-2022-49793
Published: May 1, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init() dev_set_name() allocates memory for name, it need be freed when device_add() fails, call put_device() to give up the reference that hold in device_initialize(), so that it can be freed in kobject_cleanup() when the refcount hit to 0. Fault injection test can trigger this: unreferenced object 0xffff8e8340a7b4c0 (size 32): comm "modprobe", pid 243, jiffies 4294678145 (age 48.845s) hex dump (first 32 bytes): 69 69 6f 5f 73 79 73 66 73 5f 74 72 69 67 67 65 iio_sysfs_trigge 72 00 a7 40 83 8e ff ff 00 86 13 c4 f6 ee ff ff r..@............ backtrace: [<0000000074999de8>] __kmem_cache_alloc_node+0x1e9/0x360 [<00000000497fd30b>] __kmalloc_node_track_caller+0x44/0x1a0 [<000000003636c520>] kstrdup+0x2d/0x60 [<0000000032f84da2>] kobject_set_name_vargs+0x1e/0x90 [<0000000092efe493>] dev_set_name+0x4e/0x70
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1f785681a87068f123d3e23da13b2c55ab4f93ac - < f68c96821b61d2c71a35dbb8bf90c347fad624d9affected 1f785681a87068f123d3e23da13b2c55ab4f93ac - < 5a39382aa5411d64b25a71516c2c7480aab13bb7affected 1f785681a87068f123d3e23da13b2c55ab4f93ac - < b47bb521961f027b4dcf8683337a7a1ba9e5ea1faffected 1f785681a87068f123d3e23da13b2c55ab4f93ac - < 0dd52e141afde089304de470148d311b05c14564affected 1f785681a87068f123d3e23da13b2c55ab4f93ac - < 8dddf2699da296c84205582aaead6b43dd7e8c4b+3 more versions |
Linux | Linux | affected 3.0unaffected 0 - < 3.0unaffected 4.9.334 - <= 4.9.*unaffected 4.14.300 - <= 4.14.*unaffected 4.19.267 - <= 4.19.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now