CVE-2022-49896

MEDIUM 5.5

cxl/pmem: Fix cxl_pmem_region and cxl_memdev leak

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix cxl_pmem_region and cxl_memdev leak When a cxl_nvdimm object goes through a ->remove() event (device physically removed, nvdimm-bridge disabled, or nvdimm device disabled), then any associated regions must also be disabled. As highlighted by the cxl-create-region.sh test [1], a single device may host multiple regions, but the driver was only tracking one region at a time. This leads to a situation where only the last enabled region per nvdimm device is cleaned up properly. Other regions are leaked, and this also causes cxl_memdev reference leaks. Fix the tracking by allowing cxl_nvdimm objects to track multiple region associations.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 1, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

04ad63f086d1a9649b8b082748cbc7a570ade461 < f43b6bfdbab78606735ba81185cf0602b81e40b6 04ad63f086d1a9649b8b082748cbc7a570ade461 < 4d07ae22e79ebc2d7528bbc69daa53b86981cb3a

Linux / Linux

6.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/f43b6bfdbab78606735ba81185cf0602b81e40b6 git.kernel.org: https://git.kernel.org/stable/c/4d07ae22e79ebc2d7528bbc69daa53b86981cb3a