LiveActive security incident?Get immediate response
CVE Record

CVE-2022-48928: iio: adc: men_z188_adc: Fix a resource leak in an error handling path

In the Linux kernel, the following vulnerability has been resolved: iio: adc: men_z188_adc: Fix a resource leak in an error handling path If iio_device_register() fails, a previous ioremap() is left unbalanced. Update the error handling path and add the missing iounmap() call, as already done in the remove function.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysislow

Security readout for executives and security teams

Plain-English summary

This CVE is a Linux kernel driver bug where cleanup is incomplete after a registration failure. It can leave a mapped I/O resource behind. The public record does not show active exploitation, CVSS scoring, or broad product impact beyond Linux kernel builds containing the affected driver.

Executive priority

Treat this as routine kernel hygiene unless the organization uses affected industrial I/O hardware. There is no source-backed evidence of active exploitation, but patched kernels should still be adopted through normal maintenance because resource leaks can affect reliability.

Technical view

The issue is in the Industrial I/O ADC driver men_z188_adc. If iio_device_register() fails after ioremap(), the error path did not call iounmap(), creating an unbalanced resource mapping. Kernel stable commits add the missing cleanup already used in the remove path.

Likely exposure

Exposure is most likely limited to Linux systems with the MEN Z188 ADC driver present and relevant hardware or module usage. General-purpose servers without this driver enabled are less likely exposed. Version evidence in the bundle is incomplete and should be mapped through vendor kernel packages.

Exploitation context

The source bundle marks KEV as false and provides no cited evidence of active exploitation. The described condition is an error-handling resource leak, not a documented remote code execution path. Practical impact depends on whether the driver is reachable and the failure condition can be triggered.

Researcher notes

The record lacks CVSS, CWE, and exploitability detail. Analysis should focus on driver presence, hardware relevance, and whether downstream vendor kernels include one of the stable fixes. Avoid assuming impact beyond the documented ioremap/iounmap imbalance.

Mitigation direction

  • Update to a vendor kernel containing the referenced stable fix.
  • Check Linux distribution advisories for the corrected package version.
  • Prioritize systems using MEN Z188 ADC hardware or the affected driver.
  • If patching is delayed, review vendor guidance for disabling unused drivers.

Validation and detection

  • Inventory kernels and map them to distribution-fixed versions.
  • Check whether the men_z188_adc driver is built, installed, or loaded.
  • Confirm the relevant stable commit is present in kernel source.
  • Review asset lists for MEN Z188 ADC hardware usage.
Prepared
Confidence
medium
Sources
10

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2022-48928 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
1ADP providers
9Source links

SSVC decision data

CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: partial

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

ADP provider summaries

CISA-ADPCISA ADP Vulnrichment
other:ssvc
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux74aeac4da66fbfa246edbfc849002eac9b5af9ca, 74aeac4da66fbfa246edbfc849002eac9b5af9ca, 74aeac4da66fbfa246edbfc849002eac9b5af9ca, 74aeac4da66fbfa246edbfc849002eac9b5af9ca, 74aeac4da66fbfa246edbfc849002eac9b5af9ca, 74aeac4da66fbfa246edbfc849002eac9b5af9ca, 74aeac4da66fbfa246edbfc849002eac9b5af9ca, 74aeac4da66fbfa246edbfc849002eac9b5af9caunaffected
LinuxLinux3.15, 0, 4.9.304, 4.14.269, 4.19.232, 5.4.182, 5.10.103, 5.15.26, 5.16.12, 5.17affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.