CVE-2022-50882

medium

Description

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix memory leak in uvc_gpio_parse Previously the unit buffer was allocated before checking the IRQ for privacy GPIO. In case of error, the unit buffer was leaked. Allocate the unit buffer after the IRQ to avoid it. Addresses-Coverity-ID: 1474639 ("Resource leak")

References

https://git.kernel.org/stable/c/f0f078457f18f10696888f8d0e6aba9deb9cde92

https://git.kernel.org/stable/c/deb8f32ae4b10a48c433f2da1b1159521ac24674

https://git.kernel.org/stable/c/6c5da92103bddd1f0c36cb69446ff7cae3043986

https://git.kernel.org/stable/c/4a7ae8d982a89b3b43b36ec7d62a2e3d06ffa16e

Details

Source: Mitre, NVD

Published: 2025-12-30

Updated: 2025-12-31

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018