CVE-2022-50355
17.09.2025, 15:15
In the Linux kernel, the following vulnerability has been resolved:
staging: vt6655: fix some erroneous memory clean-up loops
In some initialization functions of this driver, memory is allocated with
'i' acting as an index variable and increasing from 0. The commit in
"Fixes" introduces some clean-up codes in case of allocation failure,
which free memory in reverse order with 'i' decreasing to 0. However,
there are some problems:
- The case i=0 is left out. Thus memory is leaked.
- In case memory allocation fails right from the start, the memory
freeing loops will start with i=-1 and invalid memory locations will
be accessed.
One of these loops has been fixed in commit c8ff91535880 ("staging:
vt6655: fix potential memory leak"). Fix the remaining erroneous loops.Enginsight| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 4.18 ≤ 𝑥 < 4.19.262 |
| linux | linux_kernel | 4.20 ≤ 𝑥 < 5.4.220 |
| linux | linux_kernel | 5.5 ≤ 𝑥 < 5.10.150 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.75 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 5.19.17 |
| linux | linux_kernel | 6.0 ≤ 𝑥 < 6.0.3 |
𝑥
= Vulnerable software versions
Debian Releases
Common Weakness Enumeration
References