CVE-2022-50489 — Incomplete Cleanup in Linux

CWE-459 — Incomplete Cleanup5 documents5 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 97.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedOct 4

Description

In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, the code of mipi_dsi_host_unregister() loops over every device currently found on that bus and will unregister it. However, it doesn't detach it from the bus first, which leads to all kind of resource leaks if the host wants to perform some clean up whenever a device is detached.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶NVDlinux/linux_kernel3.14 — 4.9.331+7

▶Debianlinux/linux_kernel< 5.10.158-1+3

▶CVEListV5linux/linux068a00233969833f1ba925e7627797489efd6041 — c202cda08cd5693645d4990ad1eb2e8068a884ec+9

▶debiandebian/linux< linux 6.0.3-1 (bookworm)

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

CVE-2022-50489: In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is↗2025-10-04

▶

GHSA

GHSA-5xpc-qj79-9qw9: In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host i↗2025-10-04

▶

📋Vendor Advisories

Red Hat

kernel: drm/mipi-dsi: Detach devices when removing the host↗2025-10-04

▶

Debian

CVE-2022-50489: linux - In the Linux kernel, the following vulnerability has been resolved: drm/mipi-ds...↗2022

▶