PT-2025-37639 · Linux+1 · Linux Kernel+1

Published: 2022-11-23 · Updated: 2025-09-15 · CVE-2022-50337

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The get_function_0() function in the Linux kernel contains a potential PCI device reference count leak. The function calls pci_get_domain_bus_and_slot(), which increments the reference count of the PCI device. However, the reference is not always released, leading to a memory leak. Callers of get_function_0() need to call pci_dev_put() to decrement the reference count and prevent the leak. The issue has been addressed by ensuring pci_dev_put() is called in the error path and by adding comments to inform callers about the need to release the device reference.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
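
The leak pattern from the description, as an added user-space C model (not the kernel's code and not part of the original advisory). `model_get()` and `model_put()` stand in for pci_get_domain_bus_and_slot() and pci_dev_put(); `model_read_config()`, `caller_leaky()` and `caller_fixed()` are hypothetical names.

```c
#include <stdio.h>
/* Constructed user-space model of the refcount pattern; not kernel code. */
struct model_dev { int refcount; int devfn; };
static struct model_dev fn0_dev = { 1, 0 };  /* one base reference held by the "bus" */

/* Stand-in for pci_get_domain_bus_and_slot(): a hit returns the device with refcount + 1. */
static struct model_dev *model_get(int devfn)
{
    if (devfn != fn0_dev.devfn)
        return NULL;
    fn0_dev.refcount++;
    return &fn0_dev;
}

/* Stand-in for pci_dev_put(): drops one reference, NULL is a no-op. */
static void model_put(struct model_dev *d) { if (d) d->refcount--; }
/* Hypothetical follow-up step that can fail after the lookup succeeded. */
static int model_read_config(struct model_dev *d, int fail) { (void)d; return fail ? -1 : 0; }

/* Leaky caller: the early return skips the put, so each failure pins one reference. */
int caller_leaky(int fail)
{
    struct model_dev *dev = model_get(0);
    if (!dev)
        return -1;
    if (model_read_config(dev, fail))
        return -1;              /* reference from model_get() is never released */
    model_put(dev);
    return 0;
}

/* Fixed caller: every exit after a successful get drops the reference. */
int caller_fixed(int fail)
{
    struct model_dev *dev = model_get(0);
    if (!dev)
        return -1;
    int rc = model_read_config(dev, fail);
    model_put(dev);             /* runs on success and on error */
    return rc;
}

int current_refcount(void) { return fn0_dev.refcount; }

int main(void)
{
    caller_leaky(1); caller_fixed(1);
    printf("refcount after one leaky and one fixed failure: %d\n", current_refcount());
    return 0;
}
```

A count that stays above its baseline after the failing call is the signature of the leak; in the kernel the same imbalance keeps the PCI device structure from being freed.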

Related Identifiers

BDU:2026-02525
CVE-2022-50337

Affected Products

Astra Linux
Linux Kernel