CVE-2022-50545

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a memory leak in the r6040 driver related to the probe and remove processes. The issue stems from a failure to properly disconnect a phy device when removing an r6040 device or during error handling after a successful probe. Specifically, the phy device reference count is not released, leading to a memory leak. The problem occurs during the r6040 init one function, where the phy device is allocated and registered, and in the error handling path after r6040 mii probe succeeds. The fix involves adding phy disconnect() during device removal or in the error handling path.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

CVE-2022-50545

SUSE-SU-2025:4111-1

SUSE-SU-2025:4139-1

SUSE-SU-2025:4149-1

SUSE-SU-2025:4320-1

SUSE-SU-2025:4515-1

Affected Products

Linux Kernel

Suse

CVE-2022-50545

Weakness Enumeration

Related Identifiers

Affected Products

References · 500