Detections
Analytics

CVE-2022-50513

low

Description

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() In rtw_init_cmd_priv(), if `pcmdpriv->rsp_allocated_buf` is allocated in failure, then `pcmdpriv->cmd_allocated_buf` will be not properly released. Besides, considering there are only two error paths and the first one can directly return, so we do not need implicitly jump to the `exit` tag to execute the error handler. So this patch added `kfree(pcmdpriv->cmd_allocated_buf);` on the error path to release the resource and simplified the return logic of rtw_init_cmd_priv(). As there is no proper device to test with, no runtime testing was performed.

References

https://git.kernel.org/stable/c/e6cc39db24a63f68314473621020ed8cad7be423

https://git.kernel.org/stable/c/e5d8f05edb36fc4ab15beec62cb6ab62f5a60fe2

https://git.kernel.org/stable/c/a5be64ff6d21f7805a91e6d81f53fc19cd9f0fae

https://git.kernel.org/stable/c/8db6ca84eee0ac258706f3fca54f7c021cb159ef

https://git.kernel.org/stable/c/708056fba733a73d926772ea4ce9a42d240345da

https://git.kernel.org/stable/c/39bef9c6a91bbb790d04c1347cfeae584541fb6a

Details

Source: Mitre, NVD

Published: 2025-10-07

Updated: 2025-10-08

Risk Information

CVSS v2

Base Score: 1.7

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 3.3

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Severity: Low

EPSS

EPSS: 0.00024