CVE-2022-50708

high

Description

In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: fix potential resource leak in ssip_pn_open() ssip_pn_open() claims the HSI client's port with hsi_claim_port(). When hsi_register_port_event() gets some error and returns a negetive value, the HSI client's port should be released with hsi_release_port(). Fix it by calling hsi_release_port() when hsi_register_port_event() fails.

References

https://git.kernel.org/stable/c/e78b45b3eeee1cec77c794fcbf0512537c20b1dc

https://git.kernel.org/stable/c/b28dbcb379e6a7f80262c2732a57681b1ee548ca

https://git.kernel.org/stable/c/78b0ef14896f843c45372f9bbdb6f6070f977eaf

Details

Source: Mitre, NVD

Published: 2025-12-24

Updated: 2025-12-24

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High

EPSS

EPSS: 0.00017