{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T19:53:46.174","vulnerabilities":[{"cve":{"id":"CVE-2022-49661","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-02-26T07:01:41.137","lastModified":"2025-10-23T15:49:50.600","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: gs_usb: gs_usb_open/close(): fix memory leak\n\nThe gs_usb driver appears to suffer from a malady common to many USB\nCAN adapter drivers in that it performs usb_alloc_coherent() to\nallocate a number of USB request blocks (URBs) for RX, and then later\nrelies on usb_kill_anchored_urbs() to free them, but this doesn't\nactually free them. As a result, this may be leaking DMA memory that's\nbeen used by the driver.\n\nThis commit is an adaptation of the techniques found in the esd_usb2\ndriver where a similar design pattern led to a memory leak. It\nexplicitly frees the RX URBs and their DMA memory via a call to\nusb_free_coherent(). Since the RX URBs were allocated in the\ngs_can_open(), we remove them in gs_can_close() rather than in the\ndisconnect function as was done in esd_usb2.\n\nFor more information, see the 928150fad41b (\"can: esd_usb2: fix memory\nleak\")."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: gs_usb: gs_usb_open/close(): corrige pérdida de memoria El controlador gs_usb parece sufrir un problema común a muchos controladores de adaptadores USB CAN, ya que realiza usb_alloc_coherent() para asignar una cantidad de bloques de solicitud USB (URB) para RX y luego se basa en usb_kill_anchored_urbs() para liberarlos, pero esto en realidad no los libera. Como resultado, esto puede estar perdiendo memoria DMA que ha sido utilizada por el controlador. Esta confirmación es una adaptación de las técnicas encontradas en el controlador esd_usb2 donde un patrón de diseño similar condujo a una pérdida de memoria. Libera explícitamente los URB RX y su memoria DMA a través de una llamada a usb_free_coherent(). Dado que los URB RX se asignaron en gs_can_open(), los eliminamos en gs_can_close() en lugar de en la función de desconexión como se hizo en esd_usb2. Para obtener más información, consulte 928150fad41b (\"can: esd_usb2: reparar pérdida de memoria\")."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.16","versionEndExcluding":"4.9.323","matchCriteriaId":"6905FC8D-2D88-4EB3-8313-368BA1D670A9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"4.14.288","matchCriteriaId":"11E86C4E-715B-4E25-81E9-2FD98431E3FA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.252","matchCriteriaId":"2CC8E927-649A-40AD-AB62-F7EE444BEF0F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.205","matchCriteriaId":"844199C4-DEBE-4DA1-AB77-5A7984F9393B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.130","matchCriteriaId":"8BF24898-7C80-443F-93F3-F82029BBFF72"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.54","matchCriteriaId":"B2197EF1-3D9C-4EBA-9F94-6C8668E719B6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"5.18.11","matchCriteriaId":"622F881E-3317-4653-9558-86008C2FBFD2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*","matchCriteriaId":"A8C30C2D-F82D-4D37-AB48-D76ABFBD5377"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:*","matchCriteriaId":"BF8547FC-C849-4F1B-804B-A93AE2F04A92"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:*","matchCriteriaId":"F3068028-F453-4A1C-B80F-3F5609ACEF60"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.19:rc4:*:*:*:*:*:*","matchCriteriaId":"2E9C0DB0-D349-489F-A3D6-B77214E93A8A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.19:rc5:*:*:*:*:*:*","matchCriteriaId":"1A0DE3B7-0FFB-45AA-9BD6-19870CA7C6FD"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0e60230bc64355c80abe993d1719fdb318094e20","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2bda24ef95c0311ab93bda00db40486acf30bd0a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/339fa9f80d3b94177a7a459c6d115d3b56007d5a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6f655b5e13fa4b27e915b6c209ac0da74fd75963","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c1d806bc29ff7ffe0e2a023583c8720ed96cb0b0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d0b8e223998866b3e7b2895927d4e9689b0a80d8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d91492638b054f4a359621ef216242be5973ed6b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ffb6cc6601ec7c8fa963dcf76025df4a02f2cf5c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}