5.5

CVE-2022-50326

EPSS 0.03%
Veröffentlicht 15.09.2025 14:49:24
Zuletzt bearbeitet 03.12.2025 19:32:23
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

media: airspy: fix memory leak in airspy probe

The commit ca9dc8d06ab6 ("media: airspy: respect the DMA coherency
 rules") moves variable buf from stack to heap, however, it only frees
buf in the error handling code, missing deallocation in the success
path.

Fix this by freeing buf in the success path since this variable does not
have any references in other code.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.0 < 6.0.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.061

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

https://git.kernel.org/stable/c/f4285dd02b6b2ca3435b65fb62c053dd9408fd71

Patch

https://git.kernel.org/stable/c/23bc5eb55f8c9607965c20d9ddcc13cb1ae59568

Patch

https://nvd.nist.gov/vuln/detail/CVE-2022-50326

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50326

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50326

EUVD