CVE-2022-50418

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()

mhi_alloc_controller() allocates a memory space for mhi_ctrl. When gets some error, mhi_ctrl should be freed with mhi_free_controller(). But when ath11k_mhi_read_addr_from_dt() fails, the function returns without calling mhi_free_controller(), which will lead to a memory leak.

We can fix it by calling mhi_free_controller() when ath11k_mhi_read_addr_from_dt() fails.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd5c65159f2895379e11ca13f62feabe93278985d < 72ef896e80b6ec7cdc1dd42577045f8e7c9c32b3affected
LinuxLinuxd5c65159f2895379e11ca13f62feabe93278985d < 015ced9eb63b8b19cb725a1d592d150b60494cedaffected
LinuxLinuxd5c65159f2895379e11ca13f62feabe93278985d < 43e7c3505ec70db3d3c6458824d5fa40f62e3e7baffected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References