SB2025022689 - Memory leak in Linux kernel video fbdev driver
Published: February 26, 2025 Updated: May 11, 2025
Security Bulletin ID
SB2025022689
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-49421)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the clcdfb_of_vram_setup() function in drivers/video/fbdev/amba-clcd.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/2e2e2c71b2642289438392edbf5d08cdbc0b138b
- https://git.kernel.org/stable/c/38d245cebf545338a6bc1c7762023de3fbecd7b7
- https://git.kernel.org/stable/c/51eb1bb6baeb478538dd4ec6459fd68c44a855b1
- https://git.kernel.org/stable/c/6c92711db7c90f78e0b67ac2a8944d0fe7e12d83
- https://git.kernel.org/stable/c/8db59df7f5826e104db82cfddbf22a33a151193e
- https://git.kernel.org/stable/c/b23789a59fa6f00e98a319291819f91fbba0deb8
- https://git.kernel.org/stable/c/bbb2a24e863b6a10129546a0a4ceea2f07deec39
- https://git.kernel.org/stable/c/c1c4405222b6fc98c16e8c2aa679c14e41d81465
- https://git.kernel.org/stable/c/f2dfb4ab887d67be7d0892ba041d3c8d738d3356
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.46