vulnerability
Ubuntu: (CVE-2022-50561): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Oct 24, 2025 | Oct 28, 2025 | Dec 2, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved: iio: fix memory leak in iio_device_register_eventset() When iio_device_register_sysfs_group() returns failed, iio_device_register_eventset() needs to free attrs array. Otherwise, kmemleak would scan & report memory leak as below: unreferenced object 0xffff88810a1cc3c0 (size 32): comm "100-i2c-vcnl302", pid 728, jiffies 4295052307 (age 156.027s) backtrace: __kmalloc+0x46/0x1b0 iio_device_register_eventset at drivers/iio/industrialio-event.c:541 __iio_device_register at drivers/iio/industrialio-core.c:1959 __devm_iio_device_register at drivers/iio/industrialio-core.c:2040
Solutions
References
- CVE-2022-50561
- https://attackerkb.com/topics/CVE-2022-50561
- URL-https://git.kernel.org/linus/86fdd15e10e404e70ecb2a3bff24d70356d42b36
- URL-https://git.kernel.org/stable/c/5de3add7509c95685f1185683b817dd206c4b1f1
- URL-https://git.kernel.org/stable/c/86fdd15e10e404e70ecb2a3bff24d70356d42b36
- URL-https://git.kernel.org/stable/c/a154b1c139fbf6a49762159be81d425d41ceec87
- URL-https://git.kernel.org/stable/c/dc6afd6070f3a5b086c8c5cfa6ded63ae44494da
- URL-https://www.cve.org/CVERecord?id=CVE-2022-50561
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.