Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2022-50343

Published: Sep 16, 2025 | Modified: Sep 16, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
5.5 MODERATE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ubuntu
Vulnerability-free packages from our partners
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2022-50343
CWEhttps://cwe.mitre.org/data/definitions/.html

In the Linux kernel, the following vulnerability has been resolved:

rapidio: fix possible name leaks when rio_add_device() fails

Patch series rapidio: fix three possible memory leaks.

This patchset fixes three name leaks in error handling.

  • patch #1 fixes two name leaks while rio_add_device() fails.
  • patch #2 fixes a name leak while rio_register_mport() fails.

This patch (of 2):

If rio_add_device() returns error, the name allocated by dev_set_name() need be freed. It should use put_device() to give up the reference in the error path, so that the name can be freed in kobject_cleanup(), and the rdev can be freed in rio_release_dev().

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use