CVE-2022-50287

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak exists in the drm/i915/bios module, specifically within the generate lfp data ptrs function. The issue occurs when size is not equal to 0 or ptrs->lvds entries is not equal to 3, leading to an attempt to free memory that was not allocated using kzmalloc(), but obtained through a pointer offset operation. This can result in memory leaks or undefined behavior. The fix involves replacing the arguments of kfree() with ptrs block.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-401

Related Identifiers

BDU:2026-02044

CESA-2023_7077

CVE-2022-50287

RHSA-2023:6583

RHSA-2023:7077

RHSA-2023_6583

RHSA-2023_7077

SUSE-SU-2025:03615-1

SUSE-SU-2025:3761-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

CVE-2022-50287

Weakness Enumeration

Related Identifiers

Affected Products

References · 835