| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025123013-CVE-2022-50813-7c39@gregkh> Date: Tue, 30 Dec 2025 13:09:17 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50813: drivers: mcb: fix resource leak in mcb_probe() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: drivers: mcb: fix resource leak in mcb_probe() When probe hook function failed in mcb_probe(), it doesn't put the device. Compiled test only. The Linux kernel CVE team has assigned CVE-2022-50813 to this issue. Affected and fixed versions =========================== Issue introduced in 4.7 with commit 7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e and fixed in 4.9.337 with commit 531ac7b911a962b3b29565dad6ea6b5c3fad3317 Issue introduced in 4.7 with commit 7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e and fixed in 4.14.303 with commit 6f3467aa5712e6b5550e75a16454b3f17aa1f380 Issue introduced in 4.7 with commit 7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e and fixed in 4.19.270 with commit e420ca85bf42a684ea729c505c07de6709500ed2 Issue introduced in 4.7 with commit 7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e and fixed in 5.4.229 with commit 68e54d9ee8222d7805a0b9d3e1c37b8cf3be536a Issue introduced in 4.7 with commit 7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e and fixed in 5.10.163 with commit 0d1c2c8db28919c4351000d7c1692f1767bdc4f7 Issue introduced in 4.7 with commit 7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e and fixed in 5.15.86 with commit f3686e5e8de0a03c8e70e3ee0ce3078fed612909 Issue introduced in 4.7 with commit 7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e and fixed in 6.0.16 with commit 0a23dda78946f604ff752fe223c3c1f4fa6dd7b4 Issue introduced in 4.7 with commit 7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e and fixed in 6.1.2 with commit 0468a585710bbb807a1b9c31df54bcf564d28b2b Issue introduced in 4.7 with commit 7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e and fixed in 6.2 with commit d7237462561fcd224fa687c56ccb68629f50fc0d Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50813 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/mcb/mcb-core.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/531ac7b911a962b3b29565dad6ea6b5c3fad3317 https://git.kernel.org/stable/c/6f3467aa5712e6b5550e75a16454b3f17aa1f380 https://git.kernel.org/stable/c/e420ca85bf42a684ea729c505c07de6709500ed2 https://git.kernel.org/stable/c/68e54d9ee8222d7805a0b9d3e1c37b8cf3be536a https://git.kernel.org/stable/c/0d1c2c8db28919c4351000d7c1692f1767bdc4f7 https://git.kernel.org/stable/c/f3686e5e8de0a03c8e70e3ee0ce3078fed612909 https://git.kernel.org/stable/c/0a23dda78946f604ff752fe223c3c1f4fa6dd7b4 https://git.kernel.org/stable/c/0468a585710bbb807a1b9c31df54bcf564d28b2b https://git.kernel.org/stable/c/d7237462561fcd224fa687c56ccb68629f50fc0d
Powered by blists - more mailing lists