CVE-2022-50400
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-18

Last updated on: 2025-12-12

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: staging: greybus: audio_helper: remove unused and wrong debugfs usage In the greybus audio_helper code, the debugfs file for the dapm has the potential to be removed and memory will be leaked. There is also the very real potential for this code to remove ALL debugfs entries from the system, and it seems like this is what will really happen if this code ever runs. This all is very wrong as the greybus audio driver did not create this debugfs file, the sound core did and controls the lifespan of it. So remove all of the debugfs logic from the audio_helper code as there's no way it could be correct. If this really is needed, it can come back with a fixup for the incorrect usage of the debugfs_lookup() call which is what caused this to be noticed at all.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-18
Last Modified
2025-12-12
Generated
2026-06-16
AI Q&A
2025-09-18
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50400
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
linux linux_kernel to 5.10.150 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.75 (exc)
linux linux_kernel From 5.16 (inc) to 5.19.17 (exc)
linux linux_kernel From 6.0 (inc) to 6.0.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is in the Linux kernel's greybus audio_helper code, where incorrect usage of debugfs leads to potential removal of debugfs files that the greybus audio driver did not create. This can cause memory leaks and may remove all debugfs entries from the system, which is unintended and incorrect behavior. The issue arises because the audio_helper code improperly handles debugfs files, and the fix involves removing this incorrect debugfs logic.

Impact Analysis

The vulnerability can cause memory leaks and potentially remove all debugfs entries from the system, which could disrupt system debugging and monitoring functions that rely on debugfs. This could lead to system instability or difficulties in diagnosing system issues.

Mitigation Strategies

The vulnerability involves incorrect usage of debugfs in the greybus audio_helper code in the Linux kernel, which can lead to removal of all debugfs entries and memory leaks. Immediate mitigation would be to update the Linux kernel to a version where this issue is resolved by removing the incorrect debugfs logic from the audio_helper code.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50400. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart