CVE-2022-50352
16.09.2025, 17:15
In the Linux kernel, the following vulnerability has been resolved:
net: hns: fix possible memory leak in hnae_ae_register()
Inject fault while probing module, if device_register() fails,
but the refcount of kobject is not decreased to 0, the name
allocated in dev_set_name() is leaked. Fix this by calling
put_device(), so that name can be freed in callback function
kobject_cleanup().
unreferenced object 0xffff00c01aba2100 (size 128):
comm "systemd-udevd", pid 1259, jiffies 4294903284 (age 294.152s)
hex dump (first 32 bytes):
68 6e 61 65 30 00 00 00 18 21 ba 1a c0 00 ff ff hnae0....!......
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<0000000034783f26>] slab_post_alloc_hook+0xa0/0x3e0
[<00000000748188f2>] __kmem_cache_alloc_node+0x164/0x2b0
[<00000000ab0743e8>] __kmalloc_node_track_caller+0x6c/0x390
[<000000006c0ffb13>] kvasprintf+0x8c/0x118
[<00000000fa27bfe1>] kvasprintf_const+0x60/0xc8
[<0000000083e10ed7>] kobject_set_name_vargs+0x3c/0xc0
[<000000000b87affc>] dev_set_name+0x7c/0xa0
[<000000003fd8fe26>] hnae_ae_register+0xcc/0x190 [hnae]
[<00000000fe97edc9>] hns_dsaf_ae_init+0x9c/0x108 [hns_dsaf]
[<00000000c36ff1eb>] hns_dsaf_probe+0x548/0x748 [hns_dsaf]Enginsight| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 4.4 ≤ 𝑥 < 4.9.332 |
| linux | linux_kernel | 4.10 ≤ 𝑥 < 4.14.298 |
| linux | linux_kernel | 4.15 ≤ 𝑥 < 4.19.264 |
| linux | linux_kernel | 4.20 ≤ 𝑥 < 5.4.221 |
| linux | linux_kernel | 5.5 ≤ 𝑥 < 5.10.152 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.76 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.0.6 |
| linux | linux_kernel | 6.1:rc1 |
𝑥
= Vulnerable software versions
Debian Releases
Common Weakness Enumeration
Vulnerability Media Exposure
References