CVE-2022-50499Double Free in Linux

CWE-415Double Free5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 97.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 4

Description

In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: Fix double free in dvb_register_device() In function dvb_register_device() -> dvb_register_media_device() -> dvb_create_media_entity(), dvb->entity is allocated and initialized. If the initialization fails, it frees the dvb->entity, and return an error code. The caller takes the error code and handles the error by calling dvb_media_device_free(), which unregisters the entity and frees the field again if it is

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel4.9.1954.9.337+8
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linux9db28659aa893c68f162b11fd63bb7f6a713e52f0588b12c418c3e4f927ced11f27b02ef4a5bfb07+11
debiandebian/linux< linux 6.1.4-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2022-50499: In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: Fix double free in dvb_register_device() In function dvb_register2025-10-04
GHSA
GHSA-vw72-9rh3-2576: In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: Fix double free in dvb_register_device() In function dvb_regist2025-10-04

📋Vendor Advisories

2
Red Hat
kernel: media: dvb-core: Fix double free in dvb_register_device()2025-10-04
Debian
CVE-2022-50499: linux - In the Linux kernel, the following vulnerability has been resolved: media: dvb-...2022