SB20250226208 - Memory leak in Linux kernel tty driver

Description

This security bulletin contains information about 1 security vulnerability.

1) Memory leak (CVE-ID: CVE-2022-49191)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mxser_activate() function in drivers/tty/mxser.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/125b7c929fc9b1e5eaa344bceb6367dfa6fd3f9d
• https://git.kernel.org/stable/c/2cd05c38a27bee7fb42aa4d43174d68ac55dac0f
• https://git.kernel.org/stable/c/376922045009f8ea2d20a8fa3475e95b47c41690
• https://git.kernel.org/stable/c/685b6d16bf89595310b5d61394c9b97cc9505c7c
• https://git.kernel.org/stable/c/6c9041b2f90c0eace73106f22350e1d2c98f5edc
• https://git.kernel.org/stable/c/6dffc2035fbaada60ca8db59e0962e34f760370a
• https://git.kernel.org/stable/c/996291d06851a26678a0fab488b6e1f0677c0576
• https://git.kernel.org/stable/c/b125b08dbee3611f03f53b71471813ed4ccafcdd
• https://git.kernel.org/stable/c/cd3a4907ee334b40d7aa880c7ab310b154fd5cd4
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.276
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.238
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.311
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.110
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.33
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.19
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.189