CVE-2022-50566Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective Lifetime6 documents5 sources
Severity
5.5MEDIUM
No vector
EPSS
0.1%
top 75.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 22

Description

In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in add_mtd_device() There is a kmemleak when register device failed: unreferenced object 0xffff888101aab550 (size 8): comm "insmod", pid 3922, jiffies 4295277753 (age 925.408s) hex dump (first 8 bytes): 6d 74 64 30 00 88 ff ff mtd0.... backtrace: [] __kmalloc_node_track_caller+0x4e/0x150 [] kvasprintf+0xb0/0x130 [] kobject_set_name_vargs+0x2f/0xb0 [] dev_set_name+0xab/0xe0

Affected Packages4 packages

Linuxlinux/linux_kernel2.6.304.9.337+7
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linux1f24b5a8ecbb2a3c7080f418974d40e3ffedb221a75f45afa932bfb24a2603ebcea5efd2e7cdcfd6+9
debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2022-50566: In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in add_mtd_device() There is2025-10-22
OSV
mtd: Fix device name leak when register device failed in add_mtd_device()2025-10-22
GHSA
GHSA-vc9x-p9c7-wp9p: In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in add_mtd_device() There2025-10-22

📋Vendor Advisories

2
Red Hat
kernel: Kernel: Denial of Service due to memory leak during device registration2025-10-22
Debian
CVE-2022-50566: linux - In the Linux kernel, the following vulnerability has been resolved: mtd: Fix de...2022