CVE-2022-50836 — Missing Release of Memory after Effective Lifetime in Linux

CWE-401 — Missing Release of Memory after Effective Lifetime7 documents6 sources

Severity

3.3LOW

No vector

EPSS

0.0%

top 89.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() The kfree() should be called when of_irq_get_byname() fails or devm_request_threaded_irq() fails in qcom_add_sysmon_subdev(), otherwise there will be a memory leak, so add kfree() to fix it.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.1.0 — 5.4.229+4

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linux027045a6e2b7cd81216e8a559534a30fb0782702 — 27441fab2651cd909d8a5440ca079bc50245f427+6

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

OSV

remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()↗2025-12-30

▶

OSV

CVE-2022-50836: In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() The kfree() should↗2025-12-30

▶

GHSA

GHSA-c5c5-86g3-j5v4: In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() The kfree() shou↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()↗2025-12-30

▶

Debian

CVE-2022-50836: linux - In the Linux kernel, the following vulnerability has been resolved: remoteproc:...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50836 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶