5.5
CVE-2022-50352
- EPSS 0.15%
- Veröffentlicht 16.09.2025 16:11:43
- Zuletzt bearbeitet 14.01.2026 19:16:06
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net: hns: fix possible memory leak in hnae_ae_register()
In the Linux kernel, the following vulnerability has been resolved:
net: hns: fix possible memory leak in hnae_ae_register()
Inject fault while probing module, if device_register() fails,
but the refcount of kobject is not decreased to 0, the name
allocated in dev_set_name() is leaked. Fix this by calling
put_device(), so that name can be freed in callback function
kobject_cleanup().
unreferenced object 0xffff00c01aba2100 (size 128):
comm "systemd-udevd", pid 1259, jiffies 4294903284 (age 294.152s)
hex dump (first 32 bytes):
68 6e 61 65 30 00 00 00 18 21 ba 1a c0 00 ff ff hnae0....!......
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<0000000034783f26>] slab_post_alloc_hook+0xa0/0x3e0
[<00000000748188f2>] __kmem_cache_alloc_node+0x164/0x2b0
[<00000000ab0743e8>] __kmalloc_node_track_caller+0x6c/0x390
[<000000006c0ffb13>] kvasprintf+0x8c/0x118
[<00000000fa27bfe1>] kvasprintf_const+0x60/0xc8
[<0000000083e10ed7>] kobject_set_name_vargs+0x3c/0xc0
[<000000000b87affc>] dev_set_name+0x7c/0xa0
[<000000003fd8fe26>] hnae_ae_register+0xcc/0x190 [hnae]
[<00000000fe97edc9>] hns_dsaf_ae_init+0x9c/0x108 [hns_dsaf]
[<00000000c36ff1eb>] hns_dsaf_probe+0x548/0x748 [hns_dsaf]Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.4 < 4.9.332
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.298
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.264
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.221
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.152
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.76
Linux ≫ Linux Kernel Version >= 5.16 < 6.0.6
Linux ≫ Linux Kernel Version6.1 Updaterc1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.043 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/a3c148955c22fe1d94d7a2096005679c1f22eddf
https://git.kernel.org/stable/c/3b78453cca046d3b03853f0d077ad3ad130db886
https://git.kernel.org/stable/c/7ae1345f6ad715acbcdc9e1ac28153684fd498bb
https://git.kernel.org/stable/c/dfc0337c6dceb6449403b33ecb141f4a1458a1e9
https://git.kernel.org/stable/c/2974f3b330ef25f5d34a4948d04290c2cd7802cf
https://git.kernel.org/stable/c/91f8f5342bee726ed5692583d58f69e7cc9ae60e
https://git.kernel.org/stable/c/02dc0db19d944b4a90941db505ecf1aaec714be4
https://git.kernel.org/stable/c/ff2f5ec5d009844ec28f171123f9e58750cef4bf