CVE-2022-50427 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()

If device_register() fails in snd_ac97_dev_register(), it should
call put_device() to give up reference, or the name allocated in
dev_set_name() is leaked.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/0f8e9a15c8ecf95057061d370a2dddaf1cee4aeb
https://git.kernel.org/stable/c/4881bda5ea05c8c240fc8afeaa928e2bc43f61fa
https://git.kernel.org/stable/c/4fdf6f978c6b605ca0d67bf0e982b7a8fc0f4aab
https://git.kernel.org/stable/c/758dbcc6fbf2286eff02743b093c70a18a407d66
https://git.kernel.org/stable/c/a602ec9d88f177dba78bc97fb1adecc7a71ff279
https://git.kernel.org/stable/c/bfce73088682ef0770da951f51156c36a89be490
https://git.kernel.org/stable/c/c68b2e9ef246117f696e360bbdd2f5736b3a7127
https://git.kernel.org/stable/c/ee8bf0946f62ef00e5db4b613a9f664ac567259a
https://lore.kernel.org/linux-cve-announce/2025100157-CVE-2022-50427-87b9@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-50427
https://www.cve.org/CVERecord?id=CVE-2022-50427

History

Thu, 02 Oct 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025100157-CVE-2022-50427-87b9@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-50427 https://www.cve.org/CVERecord?id=CVE-2022-50427
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Wed, 01 Oct 2025 12:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() If device_register() fails in snd_ac97_dev_register(), it should call put_device() to give up reference, or the name allocated in dev_set_name() is leaked.
Title		ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
References		https://git.kernel.org/stable/c/0f8e9a15c8ecf95057061d370a2dddaf1cee4aeb https://git.kernel.org/stable/c/4881bda5ea05c8c240fc8afeaa928e2bc43f61fa https://git.kernel.org/stable/c/4fdf6f978c6b605ca0d67bf0e982b7a8fc0f4aab https://git.kernel.org/stable/c/758dbcc6fbf2286eff02743b093c70a18a407d66 https://git.kernel.org/stable/c/a602ec9d88f177dba78bc97fb1adecc7a71ff279 https://git.kernel.org/stable/c/bfce73088682ef0770da951f51156c36a89be490 https://git.kernel.org/stable/c/c68b2e9ef246117f696e360bbdd2f5736b3a7127 https://git.kernel.org/stable/c/ee8bf0946f62ef00e5db4b613a9f664ac567259a

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-01T11:42:06.365Z

Updated: 2025-10-01T11:42:06.365Z

Reserved: 2025-09-17T14:53:07.004Z

Link: CVE-2022-50427

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-01T12:15:34.263

Modified: 2025-10-01T12:15:34.263

Link: CVE-2022-50427

Redhat

Severity : Low

Publid Date: 2025-10-01T00:00:00Z

Links: CVE-2022-50427 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object