Cyber Resilience

CVE-2022-49530

High

Published: 26 February 2025

Published
26 February 2025
Modified
01 October 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 3.8th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-49530 is a high-severity Double Free (CWE-415) vulnerability in Linux Linux Kernel. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 3.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2022-49530 is a double free vulnerability in the Linux kernel's DRM/AMD power management subsystem, specifically within the si_parse_power_table() function. The flaw occurs during allocation of the array adev->pm.dpm.ps and its members; if a member allocation fails, the array is freed and an error is returned, but the array is freed again in the si_dpm_fini() function. This results in a double free of the array, along with potential memory leaks of array members (which are not freed), and risks of use-after-free or uninitialized access due to adev->pm.dpm.num_ps not being updated until successful allocation.

A local attacker with low privileges can exploit this vulnerability (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, score 7.8; CWE-415). By triggering the power table parsing code path, such as during AMD GPU initialization or related operations, the attacker can induce the double free and associated memory corruptions, potentially leading to high-impact confidentiality, integrity, and availability violations, including system crashes, data leaks, or privilege escalation.

Mitigation is provided through Linux kernel stable patches, as detailed in the referenced commits (e.g., https://git.kernel.org/stable/c/2615464854505188f909d0c07c37a6623693b5c7 and others). These fixes postpone the array free until si_dpm_fini(), ensure array members are properly managed, and increment adev->pm.dpm.num_ps only after successful allocations, preventing the double free, leaks, and related issues. Affected systems should update to kernels incorporating these commits.

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix double free in si_parse_power_table() In function si_parse_power_table(), array adev->pm.dpm.ps and its member is allocated. If the allocation of each member fails, the array itself is freed and returned…

more

with an error code. However, the array is later freed again in si_dpm_fini() function which is called when the function returns an error. This leads to potential double free of the array adev->pm.dpm.ps, as well as leak of its array members, since the members are not freed in the allocation function and the array is not nulled when freed. In addition adev->pm.dpm.num_ps, which keeps track of the allocated array member, is not updated until the member allocation is successfully finished, this could also lead to either use after free, or uninitialized variable access in si_dpm_fini(). Fix this by postponing the free of the array until si_dpm_fini() and increment adev->pm.dpm.num_ps everytime the array member is allocated.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Double-free in kernel DRM/AMD PM code enables local memory corruption leading directly to privilege escalation (CWE-415, high-impact local exploit path).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-23387Same product: Linux Linux Kernel
CVE-2024-57980Same product: Linux Linux Kernel
CVE-2026-31489Same product: Linux Linux Kernel
CVE-2022-49391Same product: Linux Linux Kernel
CVE-2022-49290Same product: Linux Linux Kernel
CVE-2026-23162Same product: Linux Linux Kernel
CVE-2026-23068Same product: Linux Linux Kernel
CVE-2022-49384Same product: Linux Linux Kernel
CVE-2026-31475Same product: Linux Linux Kernel
CVE-2026-31468Same product: Linux Linux Kernel

Affected Assets

linux
linux kernel
≤ 4.9.318 · 4.10 — 4.14.283 · 4.15 — 4.19.247

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely remediation of the double free flaw in si_parse_power_table via application of Linux kernel stable patches.

detect

Facilitates identification of CVE-2022-49530 through periodic vulnerability scanning of kernel versions and components.

prevent

Mandates secure error handling for allocation failures to avoid premature array freeing and subsequent double free in error paths.

References