CVE-2022-50711
Memory Leak in Linux mtk_eth_soc Ethernet Driver Fixed
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mtk | mtk_eth_soc | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a possible memory leak in the Linux kernel's MediaTek Ethernet driver (mtk_eth_soc). Specifically, if the function mtk_wed_add_hw() is called, the corresponding cleanup function mtk_wed_exit() must also be called in error paths or when removing the module to properly free allocated memory. Failure to do so can lead to memory not being released.
How can this vulnerability impact me? :
The impact of this vulnerability is a potential memory leak in the system running the affected Linux kernel driver. Over time, this could lead to increased memory usage, reduced system performance, or even system instability if memory is exhausted.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that the Linux kernel is updated to a version where the fix for the memory leak in mtk_probe() is applied. Specifically, verify that mtk_wed_exit() is called in the error path or when removing the module to free allocated memory. Applying the latest kernel patches or updates from your Linux distribution that address this issue is recommended.