CVE-2022-50349

misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() If device_register() returns error in tifm_7xx1_switch_media(),
name of kobject which is allocated in dev_set_name() called in device_add()
is leaked. Never directly free @dev after calling device_register(), even
if it returned an error! Always use put_device() to give up the
reference initialized.

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later.

*Credits: N/A

CVSS Scores

CISAv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2025-09-16 CVE Reserved
2025-09-16 CVE Published
2026-02-24 EPSS Updated
2026-05-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-401: Missing Release of Memory after Effective Lifetime

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/2428a8fe2261e901e058d9ea8b6ed7e1b4268b79	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/2bbb222a54ff501f77ce593d21b76b79c905045e	2023-01-07
https://git.kernel.org/stable/c/d861b7d41b17942b337d4b87a70de7cd1dc44d4e	2023-01-18
https://git.kernel.org/stable/c/1695b1adcc3a7d985cd22fa3b55761edf3fab50d	2023-01-18
https://git.kernel.org/stable/c/ee2715faf7e7153f5142ed09aacfa89a64d45dcb	2023-01-18
https://git.kernel.org/stable/c/57c857353d5020bdec8284d9c0fee447484fe5e0	2023-01-14
https://git.kernel.org/stable/c/848c45964ded537107e010aaf353aa30a0855387	2022-12-31
https://git.kernel.org/stable/c/35abbc8406cc39e72d3ce85f6e869555afe50d54	2022-12-31
https://git.kernel.org/stable/c/ef843ee20576039126d34d6eb5f45d14c3e6ce18	2022-12-31
https://git.kernel.org/stable/c/fd2c930cf6a5b9176382c15f9acb1996e76e25ad	2022-11-23

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.22 < 4.9.337 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.22 < 4.9.337"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.22 < 4.14.303 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.22 < 4.14.303"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.22 < 4.19.270 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.22 < 4.19.270"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.22 < 5.4.229 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.22 < 5.4.229"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.22 < 5.10.163 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.22 < 5.10.163"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.22 < 5.15.86 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.22 < 5.15.86"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.22 < 6.0.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.22 < 6.0.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.22 < 6.1.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.22 < 6.1.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.22 < 6.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.22 < 6.2"		en		Affected