CVE-2022-50829Use After Free in Linux

CWE-416Use After Free7 documents6 sources
Severity
6.2MEDIUM
No vector
EPSS
0.0%
top 84.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), then usb_submit_urb() fails and we try to free skb again. It causes use-after-free bug. Moreover, if alloc_skb() fails, urb->context becomes NULL but rx_buf is not freed and there can be a memory leak. The patch removes unnecessary nskb and makes skb processing more clear: it is supposed that ath9k_htc

Affected Packages4 packages

Linuxlinux/linux_kernel3.0.04.9.337+7
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linux3deff76095c4ac4252e27c537db3041f619c23a25e8751a977a49a6e00cce1a8da5ca16da83f9c8c+9
debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-m2j8-j8ph-hxxh: In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is poss2025-12-30
OSV
CVE-2022-50829: In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possib2025-12-30
OSV
wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()2025-12-30
Debian
CVE-2022-50829: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k...2022

🕵️Threat Intelligence

1
Wiz
CVE-2022-50829 Impact, Exploitability, and Mitigation Steps | Wiz