CVE-2022-50343 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

rapidio: fix possible name leaks when rio_add_device() fails

Patch series "rapidio: fix three possible memory leaks".

This patchset fixes three name leaks in error handling.
- patch #1 fixes two name leaks while rio_add_device() fails.
- patch #2 fixes a name leak while rio_register_mport() fails.

This patch (of 2):

If rio_add_device() returns error, the name allocated by dev_set_name()
need be freed. It should use put_device() to give up the reference in the
error path, so that the name can be freed in kobject_cleanup(), and the
'rdev' can be freed in rio_release_dev().

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/3b4676f274a6b5d001176f15d0542100bbf4b59a
https://git.kernel.org/stable/c/440afd7fd9b164fdde6fc9da8c47d3d7f20dcce8
https://git.kernel.org/stable/c/80fad2e53eaed2b3a2ff596575f65669e13ceda5
https://git.kernel.org/stable/c/85fbf58b15c09d3a6a03098c1e42ebfe9002f39d
https://git.kernel.org/stable/c/88fa351b20ca300693a206ccd3c4b0e0647944d8
https://git.kernel.org/stable/c/c413f65011ff8caffabcde0e1c3ceede48a48d6f
https://git.kernel.org/stable/c/c482cb0deb57924335103fe592c379a076d867f8
https://git.kernel.org/stable/c/ec3f04f74f50d0b6bac04d795c93c2b852753a7a
https://git.kernel.org/stable/c/f9574cd48679926e2a569e1957a5a1bcc8a719ac

History

Tue, 16 Sep 2025 16:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rio_add_device() fails Patch series "rapidio: fix three possible memory leaks". This patchset fixes three name leaks in error handling. - patch #1 fixes two name leaks while rio_add_device() fails. - patch #2 fixes a name leak while rio_register_mport() fails. This patch (of 2): If rio_add_device() returns error, the name allocated by dev_set_name() need be freed. It should use put_device() to give up the reference in the error path, so that the name can be freed in kobject_cleanup(), and the 'rdev' can be freed in rio_release_dev().
Title		rapidio: fix possible name leaks when rio_add_device() fails
References		https://git.kernel.org/stable/c/3b4676f274a6b5d001176f15d0542100bbf4b59a https://git.kernel.org/stable/c/440afd7fd9b164fdde6fc9da8c47d3d7f20dcce8 https://git.kernel.org/stable/c/80fad2e53eaed2b3a2ff596575f65669e13ceda5 https://git.kernel.org/stable/c/85fbf58b15c09d3a6a03098c1e42ebfe9002f39d https://git.kernel.org/stable/c/88fa351b20ca300693a206ccd3c4b0e0647944d8 https://git.kernel.org/stable/c/c413f65011ff8caffabcde0e1c3ceede48a48d6f https://git.kernel.org/stable/c/c482cb0deb57924335103fe592c379a076d867f8 https://git.kernel.org/stable/c/ec3f04f74f50d0b6bac04d795c93c2b852753a7a https://git.kernel.org/stable/c/f9574cd48679926e2a569e1957a5a1bcc8a719ac

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-16T16:11:22.514Z

Updated: 2025-09-16T16:11:35.603Z

Reserved: 2025-09-16T16:03:27.881Z

Link: CVE-2022-50343

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-16T17:15:33.923

Modified: 2025-09-16T17:15:33.923

Link: CVE-2022-50343

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object