CVE-2022-50357

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc3: core: fix some leaks in probe

The dwc3_get_properties() function calls:

dwc->usb_psy = power_supply_get_by_name(usb_psy_name);

so there is some additional clean up required on these error paths.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6f0764b5adea18d70c3fab32d5f940678bcbd865 < 79c3afb55942368921237d7b5355d48c52bdde20affected
LinuxLinux6f0764b5adea18d70c3fab32d5f940678bcbd865 < 3a213503f483173e7eea76f2e7e3bdd6df7fd6f8affected
LinuxLinux6f0764b5adea18d70c3fab32d5f940678bcbd865 < 2a735e4b5580a2a6bbd6572109b4c4f163c57462affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References