CVE-2022-50562Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective Lifetime6 documents5 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 91.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 22

Description

In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpi_put_table() to fix memory leak The start and length of the event log area are obtained from TPM2 or TCPA table, so we call acpi_get_table() to get the ACPI information, but the acpi_get_table() should be coupled with acpi_put_table() to release the ACPI memory, add the acpi_put_table() properly to fix the memory leak. While we are at it, remove the redundant empty line at the end of the tpm_read_log_acpi(

Affected Packages4 packages

Linuxlinux/linux_kernel4.18.05.10.163+3
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linux0bfb23746052168620c5b52f49d8a47c3bb022fa8ddc48068ac85740d3d5f9f3b0b323e733a35b33+5
debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

3
OSV
tpm: acpi: Call acpi_put_table() to fix memory leak2025-10-22
OSV
CVE-2022-50562: In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpi_put_table() to fix memory leak The start and length of the ev2025-10-22
GHSA
GHSA-j3g5-wx45-hj5x: In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpi_put_table() to fix memory leak The start and length of the2025-10-22

📋Vendor Advisories

2
Red Hat
kernel: tpm: acpi: Call acpi_put_table() to fix memory leak2025-10-22
Debian
CVE-2022-50562: linux - In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: ...2022