CVE-2022-49923 in Linux
Summary
by MITRE • 05/01/2025
In the Linux kernel, the following vulnerability has been resolved:
nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
nxp_nci_send() will call nxp_nci_i2c_write(), and only free skb when nxp_nci_i2c_write() failed. However, even if the nxp_nci_i2c_write() run succeeds, the skb will not be freed in nxp_nci_i2c_write(). As the result, the skb will memleak. nxp_nci_send() should also free the skb when nxp_nci_i2c_write() succeeds.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 03/15/2026
The vulnerability identified as CVE-2022-49923 resides within the Linux kernel's NFC subsystem, specifically affecting the nxp-nci driver implementation. This memory leak occurs in the nxp_nci_send() function which handles communication with NXP NFC controllers through I2C interface. The flaw represents a classic memory management error that can lead to gradual resource exhaustion over time, particularly in systems with continuous NFC operations or high-frequency communication patterns.
The technical root cause of this vulnerability stems from improper memory deallocation logic within the driver's communication flow. When nxp_nci_send() invokes nxp_nci_i2c_write(), the function correctly frees the socket buffer (skb) only upon failure of the I2C write operation. However, the function fails to release the skb memory when the I2C write succeeds, creating a memory leak condition. This pattern violates fundamental memory management principles and creates a persistent resource drain that accumulates over time. The issue manifests as a memory leak with a CWE-401 classification, specifically related to improper deallocation of memory resources. The vulnerability impacts the nxp-nci driver which implements the NFC controller interface for NXP's NFC chipsets, commonly found in mobile devices, embedded systems, and IoT applications requiring contactless communication capabilities.
The operational impact of this memory leak extends beyond simple resource consumption, potentially leading to system instability and performance degradation in embedded environments where memory is constrained. As the kernel module continues to process NFC commands through the nxp-nci driver, each successful I2C write operation contributes to a growing memory footprint that can eventually impact system responsiveness or cause unexpected termination of NFC services. This vulnerability particularly affects systems running Linux kernel versions where the nxp-nci driver is actively used for NFC operations, potentially compromising device reliability in mobile platforms, automotive systems, or industrial IoT deployments where continuous NFC functionality is required. The memory leak pattern aligns with ATT&CK technique T1490 for resource exhaustion, as the sustained memory consumption can degrade system performance or cause service unavailability.
The fix for CVE-2022-49923 requires modification of the nxp_nci_send() function to ensure proper memory management regardless of the outcome from nxp_nci_i2c_write(). The solution involves implementing conditional skb deallocation in both success and failure paths of the I2C write operation, ensuring that each allocated socket buffer is properly freed after use. This remediation addresses the root cause by establishing proper memory lifecycle management within the driver's communication stack. The fix should be applied to all kernel versions containing the affected nxp-nci driver implementation, particularly those supporting NFC functionality in mobile devices, embedded systems, and IoT platforms. System administrators should prioritize patching affected systems, especially in production environments where continuous NFC operations occur, to prevent progressive memory exhaustion that could lead to system instability or unexpected service interruptions. The vulnerability demonstrates the critical importance of proper resource management in kernel-level drivers and highlights the need for comprehensive testing of memory allocation and deallocation patterns in embedded communication subsystems.