CVE-2022-50500 — Missing Release of Memory after Effective Lifetime in Linux

CWE-401 — Missing Release of Memory after Effective Lifetime CWE-772 — Missing Release of Resource after Effective Lifetime5 documents5 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 95.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedOct 4

Description

In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed If some items in nsim_dev_resources_register() fail, memory leak will occur. The following is the memory leak information. unreferenced object 0xffff888074c02600 (size 128): comm "echo", pid 8159, jiffies 4294945184 (age 493.530s) hex dump (first 32 bytes): 40 47 ea 89 ff ff ff ff 01 00 00 00 00 00 00 00 @G.............. ff ff ff ff ff ff…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶NVDlinux/linux_kernel4.17 — 6.0.7+1

▶Debianlinux/linux_kernel< 6.0.7-1+2

▶CVEListV5linux/linux37923ed6b8cea94d7d76038e2f72c57a0b45daab — 7c4957fe40e2a628b7cceaf4c9bfb5b701774d05+2

▶debiandebian/linux< linux 6.0.7-1 (bookworm)

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-6mpc-qpfh-2q9r: In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register()↗2025-10-04

▶

OSV

CVE-2022-50500: In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register()↗2025-10-04

▶

📋Vendor Advisories

Red Hat

kernel: netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed↗2025-10-04

▶

Debian

CVE-2022-50500: linux - In the Linux kernel, the following vulnerability has been resolved: netdevsim: ...↗2022

▶