-

CVE-2022-50740

EPSS 0.06%
Veröffentlicht 24.12.2025 13:05:38
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs()

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs()

Syzkaller reports a long-known leak of urbs in
ath9k_hif_usb_dealloc_tx_urbs().

The cause of the leak is that usb_get_urb() is called but usb_free_urb()
(or usb_put_urb()) is not called inside usb_kill_urb() as urb->dev or
urb->ep fields have not been initialized and usb_kill_urb() returns
immediately.

The patch removes trying to kill urbs located in hif_dev->tx.tx_buf
because hif_dev->tx.tx_buf is not supposed to contain urbs which are in
pending state (the pending urbs are stored in hif_dev->tx.tx_pending).
The tx.tx_lock is acquired so there should not be any changes in the list.

Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

CNA 2 VulnDex Vulnerability Enrichment 10

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 6f0706ef39fecc6bf56d67728fe0c94e26b43e9d

Version < 134ae5eba41294eff76e4be20d6001b8f0192207

Status affected

Version 795d57a558d106b8a5bc2bd7aeaf707d9a099244

Version < 472312fef2b9eccaa03bd59e0ab2527da945e736

Status affected

Version df4318440c1568b7dedc5f7d4e617d0e297a1313

Version < eddbb8f7620f9f8008b090a6e10c460074ca575a

Status affected

Version a9990ed2d7ca9339d37c7f67d6f5cb298c3f1b34

Version < 9850791d389b342ae6e573fe8198db0b4d338352

Status affected

Version 03fb92a432ea5abe5909bca1455b7e44a9380480

Version < c3fb3e9a2c0c1a0fa492d90eb19bcfa92a5f884d

Status affected

Version 03fb92a432ea5abe5909bca1455b7e44a9380480

Version < d856f7574bcc1d81de565a857caf32f122cd7ce0

Status affected

Version 03fb92a432ea5abe5909bca1455b7e44a9380480

Version < c05189a429fdb371dd455c3c466d67ac2ebff152

Status affected

Version 03fb92a432ea5abe5909bca1455b7e44a9380480

Version < 08aa0537ec8cf29ceccae98acc1a534fc12598c1

Status affected

Version 03fb92a432ea5abe5909bca1455b7e44a9380480

Version < c2a94de38c74e86f49124ac14f093d6a5c377a90

Status affected

Version b92e116ae36f498858dbb18e29a066c3f5348965

Status affected

Version 7f5972267295fe49f8da8eb42bc2eb3d140860c0

Status affected

Version 2d72d5ce63c92f56b9f978e8befb5838144176b9

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.10

Status affected

Version 0

Version < 5.10

Status unaffected

Version <= 4.9.*

Version 4.9.337

Status unaffected

Version <= 4.14.*

Version 4.14.303

Status unaffected

Version <= 4.19.*

Version 4.19.270

Status unaffected

Version <= 5.4.*

Version 5.4.229

Status unaffected

Version <= 5.10.*

Version 5.10.163

Status unaffected

Version <= 5.15.*

Version 5.15.86

Status unaffected

Version <= 6.0.*

Version 6.0.16

Status unaffected

Version <= 6.1.*

Version 6.1.2

Status unaffected

Version <= *

Version 6.2

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.196

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/134ae5eba41294eff76e4be20d6001b8f0192207

https://git.kernel.org/stable/c/472312fef2b9eccaa03bd59e0ab2527da945e736

https://git.kernel.org/stable/c/eddbb8f7620f9f8008b090a6e10c460074ca575a

https://git.kernel.org/stable/c/9850791d389b342ae6e573fe8198db0b4d338352

https://git.kernel.org/stable/c/c3fb3e9a2c0c1a0fa492d90eb19bcfa92a5f884d

https://git.kernel.org/stable/c/d856f7574bcc1d81de565a857caf32f122cd7ce0

https://git.kernel.org/stable/c/c05189a429fdb371dd455c3c466d67ac2ebff152

https://git.kernel.org/stable/c/08aa0537ec8cf29ceccae98acc1a534fc12598c1

https://git.kernel.org/stable/c/c2a94de38c74e86f49124ac14f093d6a5c377a90

https://nvd.nist.gov/vuln/detail/CVE-2022-50740

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50740

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50740

EUVD