CVE-2022-49982 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix memory leak in pvr_probe The error handling code in pvr2_hdw_create forgets to unregister the v4l2 device. When pvr2_hdw_create returns back to pvr2_context_create, it calls pvr2_context_destroy to destroy context, but mp->hdw is NULL, which leads to that pvr2_hdw_destroy directly returns. Fix this by adding v4l2_device_unregister to decrease the refcount of usb interface.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/2fe46195d2f0d5d09ea65433aefe47a4d0d0ff4d
https://git.kernel.org/stable/c/466b67c0543b2ae67814d053f6e29b39be6b33bb
https://git.kernel.org/stable/c/491762b3250fb06a0c97b5198656ea48359eaeed
https://git.kernel.org/stable/c/945a9a8e448b65bec055d37eba58f711b39f66f0
https://git.kernel.org/stable/c/ba7dd8a9686a61a34b3a7b922ce721378d4740d0
https://git.kernel.org/stable/c/bacb37bdc2a21c8f7fdc83dcc0dea2f4ca1341fb
https://git.kernel.org/stable/c/c02d2a91a85c4c4d05826cd1ea74a9b8d42e4280
https://git.kernel.org/stable/c/f2f6e67522916f53ad8ccd4dbe68dcf76e9776e5
https://lore.kernel.org/linux-cve-announce/2025061821-CVE-2022-49982-cb7f@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-49982
https://www.cve.org/CVERecord?id=CVE-2022-49982

History

Thu, 19 Jun 2025 15:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025061821-CVE-2022-49982-cb7f@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-49982 https://www.cve.org/CVERecord?id=CVE-2022-49982
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Wed, 18 Jun 2025 11:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix memory leak in pvr_probe The error handling code in pvr2_hdw_create forgets to unregister the v4l2 device. When pvr2_hdw_create returns back to pvr2_context_create, it calls pvr2_context_destroy to destroy context, but mp->hdw is NULL, which leads to that pvr2_hdw_destroy directly returns. Fix this by adding v4l2_device_unregister to decrease the refcount of usb interface.
Title		media: pvrusb2: fix memory leak in pvr_probe
References		https://git.kernel.org/stable/c/2fe46195d2f0d5d09ea65433aefe47a4d0d0ff4d https://git.kernel.org/stable/c/466b67c0543b2ae67814d053f6e29b39be6b33bb https://git.kernel.org/stable/c/491762b3250fb06a0c97b5198656ea48359eaeed https://git.kernel.org/stable/c/945a9a8e448b65bec055d37eba58f711b39f66f0 https://git.kernel.org/stable/c/ba7dd8a9686a61a34b3a7b922ce721378d4740d0 https://git.kernel.org/stable/c/bacb37bdc2a21c8f7fdc83dcc0dea2f4ca1341fb https://git.kernel.org/stable/c/c02d2a91a85c4c4d05826cd1ea74a9b8d42e4280 https://git.kernel.org/stable/c/f2f6e67522916f53ad8ccd4dbe68dcf76e9776e5

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-06-18T11:00:44.285Z

Updated: 2025-06-18T11:00:44.285Z

Reserved: 2025-06-18T10:57:27.385Z

Link: CVE-2022-49982

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-06-18T11:15:25.720

Modified: 2025-06-18T13:46:52.973

Link: CVE-2022-49982

Redhat

Severity : Low

Publid Date: 2025-06-18T00:00:00Z

Links: CVE-2022-49982 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object