CVE-2022-50281

15.09.2025, 15:15

In the Linux kernel, the following vulnerability has been resolved:

MIPS: SGI-IP27: Fix platform-device leak in bridge_platform_create()

In error case in bridge_platform_create after calling
platform_device_add()/platform_device_add_data()/
platform_device_add_resources(), release the failed
'pdev' or it will be leak, call platform_device_put()
to fix this problem.

Besides, 'pdev' is divided into 'pdev_wd' and 'pdev_bd',
use platform_device_unregister() to release sgi_w1
resources when xtalk-bridge registration fails.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 fixed
bullseye (security)	5.10.237-1 fixed
bookworm	6.1.148-1 fixed
bookworm (security)	6.1.147-1 fixed
trixie	6.12.43-1 fixed
trixie (security)	6.12.41-1 fixed
forky	6.16.3-1 fixed
sid	6.16.7-1 fixed

References

https://git.kernel.org/stable/c/11bec9cba4de06b3c0e9e4041453c2caaa1cbec1

https://git.kernel.org/stable/c/48025893b3e31b917ad654d28d23fff66681cac4

https://git.kernel.org/stable/c/93296e7ab774230b7c36541dead10b6da39b650f

https://git.kernel.org/stable/c/d7ac29e60d0ff71e9e414af595b8c92800f7fa90

https://git.kernel.org/stable/c/da2aecef866b476438d02c662507a0e4e818da9d