CVE-2022-50343

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the rapidio subsystem where a name leak can occur when the rio add device() function fails. Specifically, if rio add device() returns an error, the name allocated by dev set name() is not properly freed. This issue is addressed by using put device() to release the reference in the error path, allowing the name to be freed during kobject cleanup and the 'rdev' to be freed in rio release dev(). This patchset resolves three name leaks in error handling, with this patch focusing on the leaks occurring during rio add device() failures.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.