{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2022-50626", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-08T01:14:55.191Z", "datePublished": "2025-12-08T01:16:40.754Z", "dateUpdated": "2025-12-08T01:16:40.754Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-08T01:16:40.754Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-usb: fix memory leak in dvb_usb_adapter_init()\n\nSyzbot reports a memory leak in \"dvb_usb_adapter_init()\".\nThe leak is due to not accounting for and freeing current iteration's\nadapter->priv in case of an error. Currently if an error occurs,\nit will exit before incrementing \"num_adapters_initalized\",\nwhich is used as a reference counter to free all adap->priv\nin \"dvb_usb_adapter_exit()\". There are multiple error paths that\ncan exit from before incrementing the counter. Including the\nerror handling paths for \"dvb_usb_adapter_stream_init()\",\n\"dvb_usb_adapter_dvb_init()\" and \"dvb_usb_adapter_frontend_init()\"\nwithin \"dvb_usb_adapter_init()\".\n\nThis means that in case of an error in any of these functions the\ncurrent iteration is not accounted for and the current iteration's\nadap->priv is not freed.\n\nFix this by freeing the current iteration's adap->priv in the\n\"stream_init_err:\" label in the error path. The rest of the\n(accounted for) adap->priv objects are freed in dvb_usb_adapter_exit()\nas expected using the num_adapters_initalized variable.\n\nSyzbot report:\n\nBUG: memory leak\nunreferenced object 0xffff8881172f1a00 (size 512):\n comm \"kworker/0:2\", pid 139, jiffies 4294994873 (age 10.960s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n [<ffffffff844af012>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:75 [inline]\n [<ffffffff844af012>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:184 [inline]\n [<ffffffff844af012>] dvb_usb_device_init.cold+0x4e5/0x79e drivers/media/usb/dvb-usb/dvb-usb-init.c:308\n [<ffffffff830db21d>] dib0700_probe+0x8d/0x1b0 drivers/media/usb/dvb-usb/dib0700_core.c:883\n [<ffffffff82d3fdc7>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n [<ffffffff8274ab37>] call_driver_probe drivers/base/dd.c:542 [inline]\n [<ffffffff8274ab37>] really_probe.part.0+0xe7/0x310 drivers/base/dd.c:621\n [<ffffffff8274ae6c>] really_probe drivers/base/dd.c:583 [inline]\n [<ffffffff8274ae6c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:752\n [<ffffffff8274af6a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:782\n [<ffffffff8274b786>] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:899\n [<ffffffff82747c87>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427\n [<ffffffff8274b352>] __device_attach+0x122/0x260 drivers/base/dd.c:970\n [<ffffffff827498f6>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487\n [<ffffffff82745cdb>] device_add+0x5fb/0xdf0 drivers/base/core.c:3405\n [<ffffffff82d3d202>] usb_set_configuration+0x8f2/0xb80 drivers/usb/core/message.c:2170\n [<ffffffff82d4dbfc>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238\n [<ffffffff82d3f49c>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293\n [<ffffffff8274ab37>] call_driver_probe drivers/base/dd.c:542 [inline]\n [<ffffffff8274ab37>] really_probe.part.0+0xe7/0x310 drivers/base/dd.c:621\n [<ffffffff8274ae6c>] really_probe drivers/base/dd.c:583 [inline]\n [<ffffffff8274ae6c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:752"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/usb/dvb-usb/dvb-usb-init.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "733bc9e226da2a7f43b10031b8ebfc26d89ec4bd", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "e5a49140035591d13ff57a7537c65217e5af0d15", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "21b6b0c9f3796e6917e90db403dae9e74025fc40", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "17217737c174883dd975885ab4bee4b00f517239", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "7d7ab25ead969594df05fb09ee46ca931d46c5c8", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "d0af6220bb1eed8225a5511de5a3bd386b94afa4", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "e5d01eb6dc2f699a395d3e731c58a9b3bb4e269f", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "93bbf2ed428142aa9a9693721230b28571678bf8", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "94d90fb06b94a90c176270d38861bcba34ce377d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/usb/dvb-usb/dvb-usb-init.c"], "versions": [{"version": "4.9.337", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.303", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.270", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.229", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.163", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.86", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.0.16", "lessThanOrEqual": "6.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.2", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.9.337"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.14.303"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.19.270"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.4.229"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.10.163"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.86"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.0.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/733bc9e226da2a7f43b10031b8ebfc26d89ec4bd"}, {"url": "https://git.kernel.org/stable/c/e5a49140035591d13ff57a7537c65217e5af0d15"}, {"url": "https://git.kernel.org/stable/c/21b6b0c9f3796e6917e90db403dae9e74025fc40"}, {"url": "https://git.kernel.org/stable/c/17217737c174883dd975885ab4bee4b00f517239"}, {"url": "https://git.kernel.org/stable/c/7d7ab25ead969594df05fb09ee46ca931d46c5c8"}, {"url": "https://git.kernel.org/stable/c/d0af6220bb1eed8225a5511de5a3bd386b94afa4"}, {"url": "https://git.kernel.org/stable/c/e5d01eb6dc2f699a395d3e731c58a9b3bb4e269f"}, {"url": "https://git.kernel.org/stable/c/93bbf2ed428142aa9a9693721230b28571678bf8"}, {"url": "https://git.kernel.org/stable/c/94d90fb06b94a90c176270d38861bcba34ce377d"}], "title": "media: dvb-usb: fix memory leak in dvb_usb_adapter_init()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-usb: fix memory leak in dvb_usb_adapter_init()\n\nSyzbot reports a memory leak in \"dvb_usb_adapter_init()\".\nThe leak is due to not accounting for and freeing current iteration's\nadapter->priv in case of an error. Currently if an error occurs,\nit will exit before incrementing \"num_adapters_initalized\",\nwhich is used as a reference counter to free all adap->priv\nin \"dvb_usb_adapter_exit()\". There are multiple error paths that\ncan exit from before incrementing the counter. Including the\nerror handling paths for \"dvb_usb_adapter_stream_init()\",\n\"dvb_usb_adapter_dvb_init()\" and \"dvb_usb_adapter_frontend_init()\"\nwithin \"dvb_usb_adapter_init()\".\n\nThis means that in case of an error in any of these functions the\ncurrent iteration is not accounted for and the current iteration's\nadap->priv is not freed.\n\nFix this by freeing the current iteration's adap->priv in the\n\"stream_init_err:\" label in the error path. The rest of the\n(accounted for) adap->priv objects are freed in dvb_usb_adapter_exit()\nas expected using the num_adapters_initalized variable.\n\nSyzbot report:\n\nBUG: memory leak\nunreferenced object 0xffff8881172f1a00 (size 512):\n comm \"kworker/0:2\", pid 139, jiffies 4294994873 (age 10.960s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n [<ffffffff844af012>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:75 [inline]\n [<ffffffff844af012>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:184 [inline]\n [<ffffffff844af012>] dvb_usb_device_init.cold+0x4e5/0x79e drivers/media/usb/dvb-usb/dvb-usb-init.c:308\n [<ffffffff830db21d>] dib0700_probe+0x8d/0x1b0 drivers/media/usb/dvb-usb/dib0700_core.c:883\n [<ffffffff82d3fdc7>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n [<ffffffff8274ab37>] call_driver_probe drivers/base/dd.c:542 [inline]\n [<ffffffff8274ab37>] really_probe.part.0+0xe7/0x310 drivers/base/dd.c:621\n [<ffffffff8274ae6c>] really_probe drivers/base/dd.c:583 [inline]\n [<ffffffff8274ae6c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:752\n [<ffffffff8274af6a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:782\n [<ffffffff8274b786>] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:899\n [<ffffffff82747c87>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427\n [<ffffffff8274b352>] __device_attach+0x122/0x260 drivers/base/dd.c:970\n [<ffffffff827498f6>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487\n [<ffffffff82745cdb>] device_add+0x5fb/0xdf0 drivers/base/core.c:3405\n [<ffffffff82d3d202>] usb_set_configuration+0x8f2/0xb80 drivers/usb/core/message.c:2170\n [<ffffffff82d4dbfc>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238\n [<ffffffff82d3f49c>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293\n [<ffffffff8274ab37>] call_driver_probe drivers/base/dd.c:542 [inline]\n [<ffffffff8274ab37>] really_probe.part.0+0xe7/0x310 drivers/base/dd.c:621\n [<ffffffff8274ae6c>] really_probe drivers/base/dd.c:583 [inline]\n [<ffffffff8274ae6c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:752"}], "id": "CVE-2022-50626", "lastModified": "2025-12-08T02:15:48.653", "metrics": {}, "published": "2025-12-08T02:15:48.653", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/17217737c174883dd975885ab4bee4b00f517239"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/21b6b0c9f3796e6917e90db403dae9e74025fc40"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/733bc9e226da2a7f43b10031b8ebfc26d89ec4bd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7d7ab25ead969594df05fb09ee46ca931d46c5c8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/93bbf2ed428142aa9a9693721230b28571678bf8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/94d90fb06b94a90c176270d38861bcba34ce377d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d0af6220bb1eed8225a5511de5a3bd386b94afa4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e5a49140035591d13ff57a7537c65217e5af0d15"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e5d01eb6dc2f699a395d3e731c58a9b3bb4e269f"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}

{}