CVE-2022-49924 in Linux
Summary
by MITRE • 05/01/2025
In the Linux kernel, the following vulnerability has been resolved:
nfc: fdp: Fix potential memory leak in fdp_nci_send()
fdp_nci_send() will call fdp_nci_i2c_write that will not free skb in the function. As a result, when fdp_nci_i2c_write() finished, the skb will memleak. fdp_nci_send() should free skb after fdp_nci_i2c_write() finished.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 03/15/2026
The vulnerability identified as CVE-2022-49924 resides within the Linux kernel's NFC (Near Field Communication) subsystem, specifically within the FDP (FeliCa Device Protocol) implementation. This memory leak occurs in the fdp_nci_send() function which handles communication with NFC devices through the NCI (NFC Controller Interface) protocol. The flaw represents a classic memory management error that can lead to gradual resource exhaustion over time, particularly affecting systems running NFC-enabled hardware such as smartphones, tablets, and IoT devices that utilize NFC for payment processing, data transfer, and device pairing operations.
The technical root cause stems from improper memory deallocation within the NFC communication stack where the fdp_nci_send() function invokes fdp_nci_i2c_write() to transmit data over I2C bus to NFC controllers. During this process, the function fails to properly free the socket buffer (skb) that contains the data being transmitted. The socket buffer represents a critical memory structure used to hold network packets and their associated metadata during transmission. When fdp_nci_i2c_write() completes its execution, the skb memory remains allocated and unreferenced, creating a memory leak that accumulates with each successful NFC transaction. This issue falls under CWE-401: Improper Release of Memory and aligns with ATT&CK technique T1070.004: Indicator Removal on Host to potentially mask the degradation of system performance.
The operational impact of this vulnerability extends beyond simple memory consumption as it can lead to system instability, reduced performance, and potential denial of service conditions on devices with limited memory resources. Mobile devices and embedded systems running Linux kernels with affected NFC implementations may experience gradual performance degradation, increased memory pressure, and eventually system crashes or reboots when memory leaks accumulate to critical levels. The vulnerability is particularly concerning in IoT environments where devices may operate continuously without manual intervention, allowing memory leaks to compound over time. Additionally, this memory leak could be exploited by malicious actors to create resource exhaustion conditions that might interfere with legitimate NFC operations or potentially enable more sophisticated attacks through system instability.
Mitigation strategies for CVE-2022-49924 involve applying the official kernel patch that ensures proper memory deallocation within the fdp_nci_send() function by adding explicit skb_free() calls after the fdp_nci_i2c_write() function completes. System administrators should prioritize updating affected Linux kernel versions to patched releases, particularly those used in mobile devices, embedded systems, and IoT deployments that rely on NFC functionality. Organizations should implement regular kernel update policies and monitor their NFC-enabled devices for signs of memory pressure or performance degradation. The fix demonstrates proper defensive programming practices that align with security standards requiring memory management verification and proper resource cleanup. Security teams should also consider implementing memory monitoring tools to detect potential memory leaks in production environments and establish baseline performance metrics to identify anomalous resource consumption patterns that might indicate the presence of this vulnerability or similar memory management flaws.