| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025123016-CVE-2022-50832-4207@gregkh> Date: Tue, 30 Dec 2025 13:13:18 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50832: wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() The wilc_mac_xmit() returns NETDEV_TX_OK without freeing skb, add dev_kfree_skb() to fix it. Compile tested only. The Linux kernel CVE team has assigned CVE-2022-50832 to this issue. Affected and fixed versions =========================== Issue introduced in 4.2 with commit c5c77ba18ea66aa05441c71e38473efb787705a4 and fixed in 5.4.235 with commit a12610e83789c838493034e5c50ac5c903ad8c0d Issue introduced in 4.2 with commit c5c77ba18ea66aa05441c71e38473efb787705a4 and fixed in 5.10.173 with commit a1e94fb4d09d0fcfeaa73aa49d787f06c42db7ee Issue introduced in 4.2 with commit c5c77ba18ea66aa05441c71e38473efb787705a4 and fixed in 5.15.99 with commit 5706d00fde3f1d5eb7296a4dfefb6aea35108224 Issue introduced in 4.2 with commit c5c77ba18ea66aa05441c71e38473efb787705a4 and fixed in 6.1.16 with commit 07dcd756e28f27e4f8fcd8b809ffa05a5cc5de2b Issue introduced in 4.2 with commit c5c77ba18ea66aa05441c71e38473efb787705a4 and fixed in 6.2.3 with commit baef42df7de7c35ba60b75a5f96d1eb039f4d782 Issue introduced in 4.2 with commit c5c77ba18ea66aa05441c71e38473efb787705a4 and fixed in 6.3 with commit deb962ec9e1c9a81babd3d37542ad4bd6ac3396e Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50832 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/wireless/microchip/wilc1000/netdev.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/a12610e83789c838493034e5c50ac5c903ad8c0d https://git.kernel.org/stable/c/a1e94fb4d09d0fcfeaa73aa49d787f06c42db7ee https://git.kernel.org/stable/c/5706d00fde3f1d5eb7296a4dfefb6aea35108224 https://git.kernel.org/stable/c/07dcd756e28f27e4f8fcd8b809ffa05a5cc5de2b https://git.kernel.org/stable/c/baef42df7de7c35ba60b75a5f96d1eb039f4d782 https://git.kernel.org/stable/c/deb962ec9e1c9a81babd3d37542ad4bd6ac3396e
Powered by blists - more mailing lists