CVE-2022-50857

Summary

In the Linux kernel, the following vulnerability has been resolved:

rapidio: rio: fix possible name leak in rio_register_mport()

If device_register() returns error, the name allocated by dev_set_name() need be freed. It should use put_device() to give up the reference in the error path, so that the name can be freed in kobject_cleanup(), and list_del() is called to delete the port from rio_mports.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2aaf308b95b24649a6dcfed89cd956e972089b2a < 0a71344f99289250e4d5b8adbac76f444485c840affected
LinuxLinux2aaf308b95b24649a6dcfed89cd956e972089b2a < 117fede82e9d6ea3de30746d500eb5edc2eb8310affected
LinuxLinux2aaf308b95b24649a6dcfed89cd956e972089b2a < a73a626c0510d203e369aeb26c4d6ec9c75af027affected
LinuxLinux2aaf308b95b24649a6dcfed89cd956e972089b2a < 1bbad5793f404cf218757e3beb600eca6080330faffected
LinuxLinux2aaf308b95b24649a6dcfed89cd956e972089b2a < 97d9eb45ffa67ffa112a6659953321b8f7db0065affected
LinuxLinux2aaf308b95b24649a6dcfed89cd956e972089b2a < a47de2fd3f88a7788be19f94ade72c2244a98045affected
LinuxLinux2aaf308b95b24649a6dcfed89cd956e972089b2a < 4ddbeae5f224d924cf0b12460dda88c7480aa452affected
LinuxLinux2aaf308b95b24649a6dcfed89cd956e972089b2a < 9abba4aa60874c5216fc8de7dededadc791de696affected
LinuxLinux2aaf308b95b24649a6dcfed89cd956e972089b2a < e92a216d16bde65d21a3227e0fb2aa0794576525affected
LinuxLinux3.15affected
LinuxLinux0 < 3.15unaffected
LinuxLinux4.9.337 <= 4.9.*unaffected
LinuxLinux4.14.303 <= 4.14.*unaffected
LinuxLinux4.19.270 <= 4.19.*unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References