CVE-2022-50418 — Missing Release of Memory after Effective Lifetime in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 97.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 18
Description
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()
mhi_alloc_controller() allocates a memory space for mhi_ctrl. When gets
some error, mhi_ctrl should be freed with mhi_free_controller(). But
when ath11k_mhi_read_addr_from_dt() fails, the function returns without
calling mhi_free_controller(), which will lead to a memory leak.
We can fix it by calling mhi_free_controller() when
ath11k_mhi_read_addr_from_dt(…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages7 packages
▶CVEListV5linux/linuxd5c65159f2895379e11ca13f62feabe93278985d — 72ef896e80b6ec7cdc1dd42577045f8e7c9c32b3+3
Patches
🔴Vulnerability Details
2OSV▶
CVE-2022-50418: In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register() mhi_alloc_co↗2025-09-18
GHSA▶
GHSA-pcpm-w6gc-fm98: In the Linux kernel, the following vulnerability has been resolved:
wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()
mhi_alloc_↗2025-09-18
📋Vendor Advisories
3Debian▶
CVE-2022-50418: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: ath11...↗2022