CVE-2022-49389

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-49389

Import Source

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-49389

Downstream

Related

Published

2025-02-26T02:11:22.834Z

Modified

2026-03-20T12:22:23.824215Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

usb: usbip: fix a refcount leak in stub_probe()

Details

In the Linux kernel, the following vulnerability has been resolved:

usb: usbip: fix a refcount leak in stub_probe()

usbgetdev() is called in stubdevicealloc(). When stubprobe() fails after that, usbput_dev() needs to be called to release the reference.

Fix this by moving usbputdev() to sdev_free error path handling.

Find this by code review.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49389.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

3ff67445750a84de67faaf52c6e1895cb09f2c56

Fixed

6bafee2f18af5e5ac125e42960bc65496d0e56a0

Fixed

f20d2d3b3364ce6525c050a8b6b4c54c8c19674d

Fixed

247d3809e45a34d9e1a3a2bb7012e31ed8b46031

Fixed

2f0ae93ec33c8456cdfbf7876b80403a6318ebce

Fixed

bcbb795a9e78180d74c6ab21518da87e803dfdce

Fixed

51422046be504515eb5a591adf0f424b62f46804

Fixed

8afb048800919d0ab10c57983940eba956339f21

Fixed

11c65408bd0ba1d9cd1307caa38169292de9cdfb

Fixed

9ec4cbf1cc55d126759051acfe328d489c5d6e60

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

77e7f91231bf63e3c64eb59a2aaf5754eaea2e69

Last affected

d0f35e23dafa0185f979d0c70463caa658062264

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49389.json"