vulnerability
Ubuntu: (CVE-2022-50513): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Oct 7, 2025 | Oct 10, 2025 | Dec 2, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() In rtw_init_cmd_priv(), if `pcmdpriv->rsp_allocated_buf` is allocated in failure, then `pcmdpriv->cmd_allocated_buf` will be not properly released. Besides, considering there are only two error paths and the first one can directly return, so we do not need implicitly jump to the `exit` tag to execute the error handler. So this patch added `kfree(pcmdpriv->cmd_allocated_buf);` on the error path to release the resource and simplified the return logic of rtw_init_cmd_priv(). As there is no proper device to test with, no runtime testing was performed.
Solutions
References
- CVE-2022-50513
- https://attackerkb.com/topics/CVE-2022-50513
- URL-https://git.kernel.org/linus/708056fba733a73d926772ea4ce9a42d240345da
- URL-https://git.kernel.org/stable/c/39bef9c6a91bbb790d04c1347cfeae584541fb6a
- URL-https://git.kernel.org/stable/c/708056fba733a73d926772ea4ce9a42d240345da
- URL-https://git.kernel.org/stable/c/8db6ca84eee0ac258706f3fca54f7c021cb159ef
- URL-https://git.kernel.org/stable/c/a5be64ff6d21f7805a91e6d81f53fc19cd9f0fae
- URL-https://git.kernel.org/stable/c/e5d8f05edb36fc4ab15beec62cb6ab62f5a60fe2
- URL-https://git.kernel.org/stable/c/e6cc39db24a63f68314473621020ed8cad7be423
- URL-https://www.cve.org/CVERecord?id=CVE-2022-50513
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.