CVE-2022-50854Missing Release of Memory after Effective Lifetime in Linux

7 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 93.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: nfc: virtual_ncidev: Fix memory leak in virtual_nci_send() skb should be free in virtual_nci_send(), otherwise kmemleak will report memleak. Steps for reproduction (simulated in qemu): cd tools/testing/selftests/nci make ./nci_dev BUG: memory leak unreferenced object 0xffff888107588000 (size 208): comm "nci_dev", pid 206, jiffies 4294945376 (age 368.248s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0

Affected Packages4 packages

Linuxlinux/linux_kernel5.12.05.15.77+1
Debianlinux/linux_kernel< 6.0.7-1+2
CVEListV5linux/linuxe624e6c3e777fb3dfed036b9da4d433aee3608a588e879c9f59511174ef0ab1a3c9c83e2dbf8a213+3
debiandebian/linux< linux 6.0.7-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-7h7x-whhw-m2r2: In the Linux kernel, the following vulnerability has been resolved: nfc: virtual_ncidev: Fix memory leak in virtual_nci_send() skb should be free in2025-12-30
OSV
CVE-2022-50854: In the Linux kernel, the following vulnerability has been resolved: nfc: virtual_ncidev: Fix memory leak in virtual_nci_send() skb should be free in v2025-12-30
OSV
nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()2025-12-30
Debian
CVE-2022-50854: linux - In the Linux kernel, the following vulnerability has been resolved: nfc: virtua...2022

🕵️Threat Intelligence

1
Wiz
CVE-2022-50854 Impact, Exploitability, and Mitigation Steps | Wiz