CVE-2022-50740

EUVD-2022-55821

24.12.2025, 13:16

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs()

Syzkaller reports a long-known leak of urbs in
ath9k_hif_usb_dealloc_tx_urbs().

The cause of the leak is that usb_get_urb() is called but usb_free_urb()
(or usb_put_urb()) is not called inside usb_kill_urb() as urb->dev or
urb->ep fields have not been initialized and usb_kill_urb() returns
immediately.

The patch removes trying to kill urbs located in hif_dev->tx.tx_buf
because hif_dev->tx.tx_buf is not supposed to contain urbs which are in
pending state (the pending urbs are stored in hif_dev->tx.tx_pending).
The tx.tx_lock is acquired so there should not be any changes in the list.

Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 14%

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.148-1 fixed
bookworm (security)	6.1.158-1 fixed
bullseye	5.10.223-1 fixed
bullseye (security)	5.10.247-1 fixed
forky	6.17.12-1 fixed
sid	6.17.13-1 fixed
trixie	6.12.57-1 fixed
trixie (security)	6.12.48-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

linux

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	needs-triage
questing	needs-triage
trusty	needs-triage
xenial	needs-triage

linux-hwe

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
xenial	needs-triage

linux-hwe-5.4

bionic	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-hwe-5.8

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-hwe-5.11

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-hwe-5.13

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-hwe-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-hwe-5.19

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-hwe-6.2

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-hwe-6.5

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-hwe-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-hwe-6.11

jammy	dne
noble	ignored
plucky	dne
questing	dne

linux-hwe-6.14

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-hwe-edge

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne
xenial	ignored

linux-lts-xenial

jammy	dne
noble	dne
plucky	dne
questing	dne
trusty	needs-triage

linux-kvm

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	dne
plucky	dne
questing	dne
xenial	needs-triage

linux-allwinner-5.19

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-aws

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	needs-triage
questing	needs-triage
trusty	needs-triage
xenial	needs-triage

linux-aws-5.0

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-aws-5.3

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-aws-5.4

bionic	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-aws-5.8

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-aws-5.11

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-aws-5.13

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-aws-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-aws-5.19

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-aws-6.2

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-aws-6.5

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-aws-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-aws-6.14

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-aws-hwe

jammy	dne
noble	dne
plucky	dne
questing	dne
xenial	needs-triage

linux-azure

bionic	ignored
focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	needs-triage
questing	needs-triage
trusty	needs-triage
xenial	needs-triage

linux-azure-4.15

bionic	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-azure-5.3

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-azure-5.4

bionic	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-azure-nvidia

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-azure-5.8

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-azure-5.11

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-azure-5.13

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-azure-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-azure-5.19

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-azure-6.2

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-azure-6.5

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-azure-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-azure-6.11

jammy	dne
noble	ignored
plucky	dne
questing	dne

linux-azure-6.14

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-azure-fde

focal	ignored
jammy	needs-triage
noble	needs-triage
plucky	needs-triage
questing	dne

linux-azure-fde-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-azure-fde-5.19

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-azure-fde-6.2

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-azure-fde-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-azure-fde-6.14

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-azure-nvidia-6.14

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-bluefield

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-azure-edge

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-fips

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	dne
questing	dne
xenial	needs-triage

linux-aws-fips

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	dne
questing	dne

linux-azure-fips

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	dne
questing	dne

linux-gcp-fips

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	dne
questing	dne

linux-gcp

bionic	ignored
focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	needs-triage
questing	needs-triage
xenial	needs-triage

linux-gcp-4.15

bionic	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gcp-5.3

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gcp-5.4

bionic	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gcp-5.8

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gcp-5.11

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gcp-5.13

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gcp-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gcp-5.19

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-gcp-6.2

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-gcp-6.5

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-gcp-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-gcp-6.11

jammy	dne
noble	ignored
plucky	dne
questing	dne

linux-gcp-6.14

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-gke

focal	ignored
jammy	needs-triage
noble	needs-triage
plucky	dne
questing	dne

linux-gke-4.15

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gke-5.4

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gke-5.15

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gkeop

focal	ignored
jammy	needs-triage
noble	needs-triage
plucky	dne
questing	dne

linux-gkeop-5.4

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-gkeop-5.15

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-ibm

focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	dne
questing	dne

linux-ibm-5.4

bionic	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-ibm-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-ibm-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-intel-5.13

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-intel-iotg

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-intel-iotg-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-iot

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-intel-iot-realtime

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-lowlatency

jammy	needs-triage
noble	needs-triage
plucky	dne
questing	dne

linux-lowlatency-hwe-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-lowlatency-hwe-5.19

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-lowlatency-hwe-6.2

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-lowlatency-hwe-6.5

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-lowlatency-hwe-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-lowlatency-hwe-6.11

jammy	dne
noble	ignored
plucky	dne
questing	dne

linux-nvidia

jammy	needs-triage
noble	needs-triage
plucky	dne
questing	dne

linux-nvidia-6.2

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-nvidia-6.5

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-nvidia-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-nvidia-6.11

jammy	dne
noble	ignored
plucky	dne
questing	dne

linux-nvidia-lowlatency

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-nvidia-tegra

jammy	needs-triage
noble	needs-triage
plucky	dne
questing	dne

linux-nvidia-tegra-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-nvidia-tegra-igx

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-oracle

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	needs-triage
questing	needs-triage
xenial	needs-triage

linux-oracle-5.0

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oracle-5.3

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oracle-5.4

bionic	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oracle-5.8

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oracle-5.11

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oracle-5.13

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oracle-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oracle-6.5

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-oracle-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-oracle-6.14

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-oem

bionic	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oem-5.6

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oem-5.10

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oem-5.13

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oem-5.14

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-oem-5.17

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-oem-6.0

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-oem-6.1

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-oem-6.5

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-oem-6.8

jammy	dne
noble	ignored
plucky	dne
questing	dne

linux-oem-6.11

jammy	dne
noble	ignored
plucky	dne
questing	dne

linux-oem-6.14

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-oem-6.17

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-raspi

focal	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	needs-triage
questing	needs-triage

linux-raspi2

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-raspi-5.4

bionic	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-raspi-realtime

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-realtime

jammy	needs-triage
noble	needs-triage
plucky	needs-triage
questing	needs-triage

linux-realtime-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-realtime-6.14

jammy	dne
noble	needs-triage
plucky	dne
questing	dne

linux-riscv

focal	ignored
jammy	ignored
noble	ignored
plucky	needs-triage
questing	needs-triage

linux-riscv-5.8

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-riscv-5.11

focal	ignored
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-riscv-5.15

focal	needs-triage
jammy	dne
noble	dne
plucky	dne
questing	dne

linux-riscv-5.19

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-riscv-6.5

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-riscv-6.8

jammy	needs-triage
noble	dne
plucky	dne
questing	dne

linux-riscv-6.14

jammy	dne
noble	ignored
plucky	dne
questing	dne

linux-starfive-5.19

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-starfive-6.2

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-starfive-6.5

jammy	ignored
noble	dne
plucky	dne
questing	dne

linux-xilinx

jammy	dne
noble	needs-triage
plucky	needs-triage
questing	dne

linux-xilinx-zynqmp

focal	needs-triage
jammy	needs-triage
noble	dne
plucky	dne
questing	dne

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einer Denial-of-Service- Bedingung führen oder eine Speicherbeschädigung verursachen können.
Published: 2025-12-28T23:00:00+00:00

References

https://git.kernel.org/stable/c/08aa0537ec8cf29ceccae98acc1a534fc12598c1

https://git.kernel.org/stable/c/134ae5eba41294eff76e4be20d6001b8f0192207

https://git.kernel.org/stable/c/472312fef2b9eccaa03bd59e0ab2527da945e736

https://git.kernel.org/stable/c/9850791d389b342ae6e573fe8198db0b4d338352

https://git.kernel.org/stable/c/c05189a429fdb371dd455c3c466d67ac2ebff152

https://git.kernel.org/stable/c/c2a94de38c74e86f49124ac14f093d6a5c377a90

https://git.kernel.org/stable/c/c3fb3e9a2c0c1a0fa492d90eb19bcfa92a5f884d

https://git.kernel.org/stable/c/d856f7574bcc1d81de565a857caf32f122cd7ce0

https://git.kernel.org/stable/c/eddbb8f7620f9f8008b090a6e10c460074ca575a