ghsa-6735-jgp5-qf5j
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
staging: rtl8712: fix a potential memory leak in r871xu_drv_init()
In r871xu_drv_init(), if r8712_init_drv_sw() fails, then the memory allocated by r8712_alloc_io_queue() in r8712_usb_dvobj_init() is not properly released as there is no action will be performed by r8712_usb_dvobj_deinit(). To properly release it, we should call r8712_free_io_queue() in r8712_usb_dvobj_deinit().
Besides, in r871xu_dev_remove(), r8712_usb_dvobj_deinit() will be called
by r871x_dev_unload() under condition padapter->bup and
r8712_free_io_queue() is called by r8712_free_drv_sw().
However, r8712_usb_dvobj_deinit() does not rely on padapter->bup and
calling r8712_free_io_queue() in r8712_free_drv_sw() is negative for
better understading the code.
So I move r8712_usb_dvobj_deinit() into r871xu_dev_remove(), and remove
r8712_free_io_queue() from r8712_free_drv_sw().
{
"affected": [],
"aliases": [
"CVE-2022-49312"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:01:07Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8712: fix a potential memory leak in r871xu_drv_init()\n\nIn r871xu_drv_init(), if r8712_init_drv_sw() fails, then the memory\nallocated by r8712_alloc_io_queue() in r8712_usb_dvobj_init() is not\nproperly released as there is no action will be performed by\nr8712_usb_dvobj_deinit().\nTo properly release it, we should call r8712_free_io_queue() in\nr8712_usb_dvobj_deinit().\n\nBesides, in r871xu_dev_remove(), r8712_usb_dvobj_deinit() will be called\nby r871x_dev_unload() under condition `padapter-\u003ebup` and\nr8712_free_io_queue() is called by r8712_free_drv_sw().\nHowever, r8712_usb_dvobj_deinit() does not rely on `padapter-\u003ebup` and\ncalling r8712_free_io_queue() in r8712_free_drv_sw() is negative for\nbetter understading the code.\nSo I move r8712_usb_dvobj_deinit() into r871xu_dev_remove(), and remove\nr8712_free_io_queue() from r8712_free_drv_sw().",
"id": "GHSA-6735-jgp5-qf5j",
"modified": "2025-03-17T21:30:33Z",
"published": "2025-03-17T21:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49312"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/205e039fead72e87ad2838f5e649a4c4834f648b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5a89a92efc342dd7c44b6056da87debc598f9c73"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7288ff561de650d4139fab80e9cb0da9b5b32434"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8eb42d6d10f8fe509117859defddf9e72b4fa4d0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a2882b8baad068d21c99fb2ab5a85a2bdbd5b834"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.