CVE-2022-50557

22.10.2025, 14:15

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: thunderbay: fix possible memory leak in thunderbay_build_functions()

The thunderbay_add_functions() will free memory of thunderbay_funcs
when everything is ok, but thunderbay_funcs will not be freed when
thunderbay_add_functions() fails, then there will be a memory leak,
so we need to add kfree() when thunderbay_add_functions() fails to
fix it.

In addition, doing some cleaner works, moving kfree(funcs) from
thunderbay_add_functions() to thunderbay_build_functions().

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 4%

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
bullseye (security)	5.10.244-1 fixed
bookworm	6.1.148-1 fixed
bookworm (security)	6.1.153-1 fixed
trixie	6.12.43-1 fixed
trixie (security)	6.12.48-1 fixed
forky	6.16.9-1 fixed
sid	6.16.12-2 fixed

References

https://git.kernel.org/stable/c/3650943bab29d03ef147290451237713ed1942cd

https://git.kernel.org/stable/c/83e1bcaf8cef26edaaf2a6098ef760f563683483

https://git.kernel.org/stable/c/aae4846e8e49044cb51d0276bec2a3fc2d5cd8da