Linux Kernel: Double Free Vulnerability Fixed in ocxl_file_register_afu
CVE-2022-49455 Published on February 26, 2025
In the Linux kernel, the following vulnerability has been resolved:
misc: ocxl: fix possible double free in ocxl_file_register_afu
info_release() will be called in device_unregister() when info->dev's
reference count is 0. So there is no need to call ocxl_afu_put() and
kfree() again.
Fix this by adding free_minor() and return to err_unregister error path.
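The cleanup ordering described in the commit message, as a userspace C model added here (it is not the kernel's code and not part of the original advisory). The struct layouts, kfree_model(), run_error_path() and the pre-fix fall-through into the second put and free are assumptions made for illustration.

```c
#include <stdio.h>
/* Userspace model, constructed for illustration: names follow the commit
 * message, bodies are simplified stand-ins and not the kernel's code. */
struct afu  { int refs; };
struct info { struct afu *afu; int dev_refs; int frees; };
static int minor_held;                        /* stand-in for the minor number */

static void ocxl_afu_put(struct afu *afu) { afu->refs--; }
static void free_minor(void)              { minor_held = 0; }
/* Counts frees instead of calling free(), so the second free is observable
 * without undefined behaviour. */
static void kfree_model(struct info *info) { info->frees++; }

/* Release callback: drops the AFU reference and frees info. */
static void info_release(struct info *info)
{
    ocxl_afu_put(info->afu);
    kfree_model(info);
}
/* Dropping the last device reference invokes the release callback. */
static void device_unregister(struct info *info)
{
    if (--info->dev_refs == 0)
        info_release(info);
}
struct outcome { int frees; int afu_refs; int minor_held; };

/* Simulates a failure after the device was registered (err_unregister).
 * fixed == 0: falls through into the err_put cleanup (assumed pre-fix layout).
 * fixed == 1: free_minor() and return, as the commit message describes. */
static struct outcome run_error_path(int fixed)
{
    struct afu afu = { .refs = 1 };           /* caller's own reference */
    struct info info = { .afu = &afu, .dev_refs = 1, .frees = 0 };
    afu.refs++;                               /* reference held by info */
    minor_held = 1;
    device_unregister(&info);                 /* info_release() runs here */
    if (!fixed) {
        ocxl_afu_put(&afu);                   /* second put */
        kfree_model(&info);                   /* second free of info */
    }
    free_minor();                             /* still needed on both paths */
    return (struct outcome){ info.frees, afu.refs, minor_held };
}
int main(void)
{
    struct outcome before = run_error_path(0), after = run_error_path(1);
    printf("pre-fix: frees=%d afu_refs=%d\n", before.frees, before.afu_refs);
    printf("fixed:   frees=%d afu_refs=%d\n", after.frees, after.afu_refs);
    return 0;
}
```

In the pre-fix path the model also drops the caller's own AFU reference, which is why the extra ocxl_afu_put() matters as much as the extra kfree().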
Vulnerability Analysis
CVE-2022-49455 can be exploited with local system access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is a Double-free Vulnerability?
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations. When a program calls free() twice with the same argument, the program's memory management data structures become corrupted. This corruption can cause the program to crash or, in some circumstances, cause two later calls to malloc() to return the same pointer. If malloc() returns the same value twice and the program later gives the attacker control over the data that is written into this doubly-allocated memory, the program becomes vulnerable to a buffer overflow attack.
CVE-2022-49455 has been classified as a Double-free vulnerability or weakness.
Products Associated with CVE-2022-49455
Affected Versions
Linux:
- Version 75ca758adbafc81804c39b2c200ecdc819a6c042 and below de65c32ace9aa70d51facc61ba986607075e3a25 is affected.
- Version 75ca758adbafc81804c39b2c200ecdc819a6c042 and below ee89d8dee55ab4b3b8ad8b70866b2841ba334767 is affected.
- Version 75ca758adbafc81804c39b2c200ecdc819a6c042 and below 8fb674216835e1f0c143762696d645facebb4685 is affected.
- Version 75ca758adbafc81804c39b2c200ecdc819a6c042 and below 252768d32e92c1214aeebb5fec0844ca479bcf5c is affected.
- Version 75ca758adbafc81804c39b2c200ecdc819a6c042 and below 9e9087cf34ee69f4e95d146ac29385d6e367a97b is affected.
- Version 75ca758adbafc81804c39b2c200ecdc819a6c042 and below 950cf957fe34d40d63dfa3bf3968210430b6491e is affected.
- Version 5.2 is affected.
- Before 5.2 is unaffected.
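- Versions from 5.4.198 up to and including 5.4.* are unaffected.
- Versions from 5.10.121 up to and including 5.10.* are unaffected.
- Versions from 5.15.46 up to and including 5.15.* are unaffected.
- Versions from 5.17.14 up to and including 5.17.* are unaffected.
- Versions from 5.18.3 up to and including 5.18.* are unaffected.
- Versions from 5.19 onward (<= *) are unaffected.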
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.