CVE-2022-50357
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-17
Last updated on: 2025-12-09
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
usb: dwc3: core: fix some leaks in probe
The dwc3_get_properties() function calls:
dwc->usb_psy = power_supply_get_by_name(usb_psy_name);
so there is some additional clean up required on these error paths.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.13 (inc) to 5.19.17 (exc) |
| linux | linux_kernel | From 6.0 (inc) to 6.0.3 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-401 | The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is related to the Linux kernel's USB driver (dwc3). Specifically, the dwc3_get_properties() function calls power_supply_get_by_name(usb_psy_name) but does not properly clean up resources on error paths, leading to some resource leaks during the probe process.
How can this vulnerability impact me? :
The vulnerability can cause resource leaks in the Linux kernel's USB driver, which may lead to increased memory usage or instability in the system when USB devices are initialized or probed.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70