{"id":"CVE-2022-49981","summary":"HID: hidraw: fix memory leak in hidraw_release()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hidraw: fix memory leak in hidraw_release()\n\nFree the buffered reports before deleting the list entry.\n\nBUG: memory leak\nunreferenced object 0xffff88810e72f180 (size 32):\n  comm \"softirq\", pid 0, jiffies 4294945143 (age 16.080s)\n  hex dump (first 32 bytes):\n    64 f3 c6 6a d1 88 07 04 00 00 00 00 00 00 00 00  d..j............\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n  backtrace:\n    [\u003cffffffff814ac6c3\u003e] kmemdup+0x23/0x50 mm/util.c:128\n    [\u003cffffffff8357c1d2\u003e] kmemdup include/linux/fortify-string.h:440 [inline]\n    [\u003cffffffff8357c1d2\u003e] hidraw_report_event+0xa2/0x150 drivers/hid/hidraw.c:521\n    [\u003cffffffff8356ddad\u003e] hid_report_raw_event+0x27d/0x740 drivers/hid/hid-core.c:1992\n    [\u003cffffffff8356e41e\u003e] hid_input_report+0x1ae/0x270 drivers/hid/hid-core.c:2065\n    [\u003cffffffff835f0d3f\u003e] hid_irq_in+0x1ff/0x250 drivers/hid/usbhid/hid-core.c:284\n    [\u003cffffffff82d3c7f9\u003e] __usb_hcd_giveback_urb+0xf9/0x230 drivers/usb/core/hcd.c:1670\n    [\u003cffffffff82d3cc26\u003e] usb_hcd_giveback_urb+0x1b6/0x1d0 drivers/usb/core/hcd.c:1747\n    [\u003cffffffff82ef1e14\u003e] dummy_timer+0x8e4/0x14c0 drivers/usb/gadget/udc/dummy_hcd.c:1988\n    [\u003cffffffff812f50a8\u003e] call_timer_fn+0x38/0x200 kernel/time/timer.c:1474\n    [\u003cffffffff812f5586\u003e] expire_timers kernel/time/timer.c:1519 [inline]\n    [\u003cffffffff812f5586\u003e] __run_timers.part.0+0x316/0x430 kernel/time/timer.c:1790\n    [\u003cffffffff812f56e4\u003e] __run_timers kernel/time/timer.c:1768 [inline]\n    [\u003cffffffff812f56e4\u003e] run_timer_softirq+0x44/0x90 kernel/time/timer.c:1803\n    [\u003cffffffff848000e6\u003e] __do_softirq+0xe6/0x2ea kernel/softirq.c:571\n    [\u003cffffffff81246db0\u003e] invoke_softirq kernel/softirq.c:445 [inline]\n    [\u003cffffffff81246db0\u003e] __irq_exit_rcu kernel/softirq.c:650 [inline]\n    [\u003cffffffff81246db0\u003e] irq_exit_rcu+0xc0/0x110 kernel/softirq.c:662\n    [\u003cffffffff84574f02\u003e] sysvec_apic_timer_interrupt+0xa2/0xd0 arch/x86/kernel/apic/apic.c:1106\n    [\u003cffffffff84600c8b\u003e] asm_sysvec_apic_timer_interrupt+0x1b/0x20 arch/x86/include/asm/idtentry.h:649\n    [\u003cffffffff8458a070\u003e] native_safe_halt arch/x86/include/asm/irqflags.h:51 [inline]\n    [\u003cffffffff8458a070\u003e] arch_safe_halt arch/x86/include/asm/irqflags.h:89 [inline]\n    [\u003cffffffff8458a070\u003e] acpi_safe_halt drivers/acpi/processor_idle.c:111 [inline]\n    [\u003cffffffff8458a070\u003e] acpi_idle_do_entry+0xc0/0xd0 drivers/acpi/processor_idle.c:554","modified":"2026-04-03T13:14:52.243809Z","published":"2025-06-18T11:00:43.351Z","related":["SUSE-SU-2025:02264-1","SUSE-SU-2025:02308-1","SUSE-SU-2025:02320-1","SUSE-SU-2025:02321-1","SUSE-SU-2025:02322-1","SUSE-SU-2025:02537-1","SUSE-SU-2025:03204-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49981.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1bea0bbf66001b0c7bf239a4d70eaf47824d3feb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/52a3c62a815161c2dcf38ac421f6c41d8679462b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/53c7c4d5d40b45c127cb1193bf3e9670f844c3cf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7e2fa79226580b035b00260d9f240ab9bda4af5d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a5623a203cffe2d2b84d2f6c989d9017db1856af"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c06b013f5cbfeafe0a9cfa5a7128604c34e0e517"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dfd27a737283313a3e626e97b9d9b2d8d6a94188"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f5b7e9611cffec345d62d5bdd8b6e30e89956818"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49981.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49981"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"86166b7bcda0bcb53525114fa1c87ac432be478e"},{"fixed":"1bea0bbf66001b0c7bf239a4d70eaf47824d3feb"},{"fixed":"c06b013f5cbfeafe0a9cfa5a7128604c34e0e517"},{"fixed":"f5b7e9611cffec345d62d5bdd8b6e30e89956818"},{"fixed":"53c7c4d5d40b45c127cb1193bf3e9670f844c3cf"},{"fixed":"7e2fa79226580b035b00260d9f240ab9bda4af5d"},{"fixed":"dfd27a737283313a3e626e97b9d9b2d8d6a94188"},{"fixed":"52a3c62a815161c2dcf38ac421f6c41d8679462b"},{"fixed":"a5623a203cffe2d2b84d2f6c989d9017db1856af"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49981.json"}}],"schema_version":"1.7.5"}