CVE-2022-50548 — Missing Release of Memory after Effective Lifetime in Linux

CWE-401 — Missing Release of Memory after Effective Lifetime6 documents6 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 98.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedOct 7

Latest updateApr 20

Description

In the Linux kernel, the following vulnerability has been resolved: media: i2c: hi846: Fix memory leak in hi846_parse_dt() If any of the checks related to the supported link frequencies fail, then the V4L2 fwnode resources don't get released before returning, which leads to a memleak. Fix this by properly freeing the V4L2 fwnode data in a designated label.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶NVDlinux/linux_kernel5.16 — 6.0.16+1

▶Debianlinux/linux_kernel< 6.1.4-1+2

▶CVEListV5linux/linuxe8c0882685f9152f0d729664a12bcbe749cb7736 — a05a9ae9ef3fffc9bc7ec2bc432a249a01155f6e+3

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

VulDB

Linux Kernel up to 6.0.15/6.1.1 media hi846_parse_dt memory leak (EUVD-2025-32009 / WID-SEC-2025-2229)↗2026-04-20

▶

OSV

CVE-2022-50548: In the Linux kernel, the following vulnerability has been resolved: media: i2c: hi846: Fix memory leak in hi846_parse_dt() If any of the checks relate↗2025-10-07

▶

GHSA

GHSA-727r-p73p-m83h: In the Linux kernel, the following vulnerability has been resolved: media: i2c: hi846: Fix memory leak in hi846_parse_dt() If any of the checks rela↗2025-10-07

▶

📋Vendor Advisories

Red Hat

kernel: media: i2c: hi846: Fix memory leak in hi846_parse_dt()↗2025-10-07

▶

Debian

CVE-2022-50548: linux - In the Linux kernel, the following vulnerability has been resolved: media: i2c:...↗2022

▶