CVE-2022-50561 — Missing Release of Resource after Effective Lifetime in Linux

CWE-772 — Missing Release of Resource after Effective Lifetime6 documents5 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 92.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedOct 22

Description

In the Linux kernel, the following vulnerability has been resolved: iio: fix memory leak in iio_device_register_eventset() When iio_device_register_sysfs_group() returns failed, iio_device_register_eventset() needs to free attrs array. Otherwise, kmemleak would scan & report memory leak as below: unreferenced object 0xffff88810a1cc3c0 (size 32): comm "100-i2c-vcnl302", pid 728, jiffies 4295052307 (age 156.027s) backtrace: __kmalloc+0x46/0x1b0 iio_device_register_eventset at drivers/iio/indus…

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.13.0 — 5.15.86+2

▶Debianlinux/linux_kernel< 6.1.4-1+2

▶CVEListV5linux/linux32f171724e5cbecc80594fb6eced057cfdd6eb6f — dc6afd6070f3a5b086c8c5cfa6ded63ae44494da+4

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2022-50561: In the Linux kernel, the following vulnerability has been resolved: iio: fix memory leak in iio_device_register_eventset() When iio_device_register_sy↗2025-10-22

▶

OSV

iio: fix memory leak in iio_device_register_eventset()↗2025-10-22

▶

GHSA

GHSA-9xgm-4j53-mch4: In the Linux kernel, the following vulnerability has been resolved: iio: fix memory leak in iio_device_register_eventset() When iio_device_register_↗2025-10-22

▶

📋Vendor Advisories

Red Hat

kernel: iio: fix memory leak in iio_device_register_eventset()↗2025-10-22

▶

Debian

CVE-2022-50561: linux - In the Linux kernel, the following vulnerability has been resolved: iio: fix me...↗2022

▶