CVE-2022-50477

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a memory leak in the devm rtc allocate device() function. Specifically, if dev set name() fails after rtc device is allocated, a memory leak occurs. The fix involves moving devm add action or reset() before dev set name() to prevent this leak. The backtrace indicates the issue occurs during device probing, potentially within the rtc rx4581 module.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Resource Exhaustion

Improper Resource Release

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-400CWE-404CWE-401

Related Identifiers

BDU:2026-02272

CVE-2022-50477

RHSA-2023:6583

RHSA-2023_6583

Affected Products

Linux Kernel

Red Hat

Rtc Rx4581

CVE-2022-50477

Weakness Enumeration

Related Identifiers

Affected Products

References · 18