CVE-2022-50772Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective Lifetime7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 92.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_bus_dev_new() If device_register() failed in nsim_bus_dev_new(), the value of reference in nsim_bus_dev->dev is 1. obj->name in nsim_bus_dev->dev will not be released. unreferenced object 0xffff88810352c480 (size 16): comm "echo", pid 5691, jiffies 4294945921 (age 133.270s) hex dump (first 16 bytes): 6e 65 74 64 65 76 73 69 6d 31 00 00 00 00 00 00 netdevsim1...... backtrace: [] __kmalloc_nod

Affected Packages4 packages

Linuxlinux/linux_kernel5.2.06.0.7
Debianlinux/linux_kernel< 6.0.7-1+2
CVEListV5linux/linux40e4fe4ce115c409c3e2fbb247085103ef1cc75577579e4065295071fbd9662f03430dca5b50b086+2
debiandebian/linux< linux 6.0.7-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-mx2m-7wfj-355r: In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_bus_dev_new() If device_register() failed in2025-12-24
OSV
netdevsim: fix memory leak in nsim_bus_dev_new()2025-12-24
OSV
CVE-2022-50772: In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_bus_dev_new() If device_register() failed in ns2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: Denial of Service due to memory leak in netdevsim2025-12-24
Debian
CVE-2022-50772: linux - In the Linux kernel, the following vulnerability has been resolved: netdevsim: ...2022

🕵️Threat Intelligence

1
Wiz
CVE-2022-50772 Impact, Exploitability, and Mitigation Steps | Wiz