CVE-2022-50474

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak was identified in the macio add one device() function within the Linux kernel’s macintosh component. Following a commit (1fa5ae857bb1) that altered device name allocation, a reference to the device was not properly released when of device register() failed. This resulted in a potential memory leak, as the allocated memory was not freed. The issue was addressed by calling put device() to decrement the reference count, allowing for proper cleanup via kobject cleanup() when the reference count reached zero. The kfree() function in macio release dev() was also removed as it was no longer necessary.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.