CVE-2022-49953

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-49953
In the Linux kernel, the following vulnerability has been resolved: iio: light: cm3605: Fix an error handling path in cm3605_probe() The commit in Fixes also introduced a new error handling path which should goto the existing error handling path. Otherwise some resources leak.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/160905549e663019e26395ed9d66c24ee2cf5187 Patch
https://git.kernel.org/stable/c/3f7f49d8135cfe137c81316af64678f4dca1b82b Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*
History

14 Nov 2025, 18:59

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
First Time Linux
Linux linux Kernel
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
References () https://git.kernel.org/stable/c/160905549e663019e26395ed9d66c24ee2cf5187 - () https://git.kernel.org/stable/c/160905549e663019e26395ed9d66c24ee2cf5187 - Patch
References () https://git.kernel.org/stable/c/3f7f49d8135cfe137c81316af64678f4dca1b82b - () https://git.kernel.org/stable/c/3f7f49d8135cfe137c81316af64678f4dca1b82b - Patch
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: light: cm3605: Se corrige una ruta de gestión de errores en cm3605_probe(). El commit en Fixes (correcciones) también introdujo una nueva ruta de gestión de errores que debería enlazar con la ruta de gestión de errores existente. De lo contrario, se producirían fugas de recursos.

18 Jun 2025, 11:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-18 11:15

Updated : 2025-11-14 18:59

NVD link : CVE-2022-49953

Mitre link : CVE-2022-49953

CVE.ORG link : CVE-2022-49953

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
NVD-CWE-noinfo