github - ghsa-9xgm-4j53-mch4

ghsa-9xgm-4j53-mch4

Vulnerability from github

Published

2025-10-22 15:31

Modified

2025-10-22 15:31

Details

In the Linux kernel, the following vulnerability has been resolved:

iio: fix memory leak in iio_device_register_eventset()

When iio_device_register_sysfs_group() returns failed, iio_device_register_eventset() needs to free attrs array.

Otherwise, kmemleak would scan & report memory leak as below:

unreferenced object 0xffff88810a1cc3c0 (size 32): comm "100-i2c-vcnl302", pid 728, jiffies 4295052307 (age 156.027s) backtrace: __kmalloc+0x46/0x1b0 iio_device_register_eventset at drivers/iio/industrialio-event.c:541 __iio_device_register at drivers/iio/industrialio-core.c:1959 __devm_iio_device_register at drivers/iio/industrialio-core.c:2040

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-50561"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-22T14:15:40Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: fix memory leak in iio_device_register_eventset()\n\nWhen iio_device_register_sysfs_group() returns failed,\niio_device_register_eventset() needs to free attrs array.\n\nOtherwise, kmemleak would scan \u0026 report memory leak as below:\n\nunreferenced object 0xffff88810a1cc3c0 (size 32):\n  comm \"100-i2c-vcnl302\", pid 728, jiffies 4295052307 (age 156.027s)\n  backtrace:\n    __kmalloc+0x46/0x1b0\n    iio_device_register_eventset at drivers/iio/industrialio-event.c:541\n    __iio_device_register at drivers/iio/industrialio-core.c:1959\n    __devm_iio_device_register at drivers/iio/industrialio-core.c:2040",
  "id": "GHSA-9xgm-4j53-mch4",
  "modified": "2025-10-22T15:31:09Z",
  "published": "2025-10-22T15:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50561"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5de3add7509c95685f1185683b817dd206c4b1f1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/86fdd15e10e404e70ecb2a3bff24d70356d42b36"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a154b1c139fbf6a49762159be81d425d41ceec87"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dc6afd6070f3a5b086c8c5cfa6ded63ae44494da"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2022-50561 (GCVE-0-2022-50561)

Vulnerability from cvelistv5

Published

2025-10-22 13:23

Modified

2025-10-22 13:23

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: iio: fix memory leak in iio_device_register_eventset() When iio_device_register_sysfs_group() returns failed, iio_device_register_eventset() needs to free attrs array. Otherwise, kmemleak would scan & report memory leak as below: unreferenced object 0xffff88810a1cc3c0 (size 32): comm "100-i2c-vcnl302", pid 728, jiffies 4295052307 (age 156.027s) backtrace: __kmalloc+0x46/0x1b0 iio_device_register_eventset at drivers/iio/industrialio-event.c:541 __iio_device_register at drivers/iio/industrialio-core.c:1959 __devm_iio_device_register at drivers/iio/industrialio-core.c:2040

References

URL

Tags

	https://git.kernel.org/stable/c/dc6afd6070f3a5b086c8c5cfa6ded63ae44494da
	https://git.kernel.org/stable/c/5de3add7509c95685f1185683b817dd206c4b1f1
	https://git.kernel.org/stable/c/a154b1c139fbf6a49762159be81d425d41ceec87
	https://git.kernel.org/stable/c/86fdd15e10e404e70ecb2a3bff24d70356d42b36

Impacted products

Vendor

Product

Version

Linux

Version: 32f171724e5cbecc80594fb6eced057cfdd6eb6f
Version: 32f171724e5cbecc80594fb6eced057cfdd6eb6f
Version: 32f171724e5cbecc80594fb6eced057cfdd6eb6f
Version: 32f171724e5cbecc80594fb6eced057cfdd6eb6f

Linux

Version: 5.13

Show details on NVD website