5.5
CVE-2022-50537
- EPSS 0.15%
- Veröffentlicht 07.10.2025 15:21:03
- Zuletzt bearbeitet 26.02.2026 23:16:38
- CVE-Watchlists
- Unerledigt
firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe()
In the Linux kernel, the following vulnerability has been resolved: firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() In rpi_firmware_probe(), if mbox_request_channel() fails, the 'fw' will not be freed through rpi_firmware_delete(), fix this leak by calling kfree() in the error path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.10.65 < 5.10.163
Linux ≫ Linux Kernel Version >= 5.13 < 5.15.86
Linux ≫ Linux Kernel Version >= 5.16 < 6.0.16
Linux ≫ Linux Kernel Version >= 6.1 < 6.1.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.042 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/62ac943eb2a9d655e431b9bc98ff6d7bd51a0e49
https://git.kernel.org/stable/c/d34742245e4366579f9a80f8cfe4a63248e838e0
https://git.kernel.org/stable/c/b308fdedef095aac14569f810d46edf773ea7d1e
https://git.kernel.org/stable/c/6757dd2193fe18c5c5fe3050e7f2ff9dcbd1ff34
https://git.kernel.org/stable/c/71d2abab374f707ab8ac8dcef191fd2b3b67b8bd
https://git.kernel.org/stable/c/7b51161696e803fd5f9ad55b20a64c2df313f95c