CVE-2022-50281

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a platform-device leak in the bridge platform create() function when handling errors during device creation. Specifically, the vulnerability occurs when platform device add(), platform device add data(), or platform device add resources() fail. In these cases, the allocated platform device (pdev) is not released, leading to a memory leak. The fix involves calling platform device put() to release the failed pdev, which is divided into pdev wd and pdev bd. Additionally, platform device unregister() is used to release resources associated with sgi w1 when xtalk-bridge registration fails.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.