CVE-2022-50544

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak exists in the xhci alloc stream info() function within the USB host controller interface of the Linux kernel. The function allocates memory for a stream context array but fails to release it under certain error conditions, leading to a potential memory leak. The issue occurs when stream info->stream ctx array is not released via xhci free stream ctx() on the error path.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Missing Release of Resource after Effective Lifetime

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-772CWE-401

Related Identifiers

ALSA-2025_16880

BDU:2026-04858

CESA-2023_7077

CVE-2022-50544

OESA-2025-2553

RHSA-2023:6583

RHSA-2023:7077

RHSA-2023_6583

RHSA-2023_7077

SUSE-SU-2025:4111-1

SUSE-SU-2025:4135-1

SUSE-SU-2025:4139-1

SUSE-SU-2025:4149-1

SUSE-SU-2025:4188-1

SUSE-SU-2025:4189-1

SUSE-SU-2025:4320-1

Affected Products

Centos

Linux Kernel

Red Hat

Suse

CVE-2022-50544

Weakness Enumeration

Related Identifiers

Affected Products

References · 664