CVE-2022-50702

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-50702
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50702.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-50702
Downstream
Related
Published
2025-12-24T10:55:17.831Z
Modified
2026-05-15T04:05:49.572362459Z
Summary
vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init()
Details

In the Linux kernel, the following vulnerability has been resolved:

vdpasim: fix possible memory leak in vdpasimnetinit() and vdpasimblk_init()

Inject fault while probing module, if deviceregister() fails in vdpasimnetinit() or vdpasimblkinit(), but the refcount of kobject is not decreased to 0, the name allocated in devsetname() is leaked. Fix this by calling putdevice(), so that name can be freed in callback function kobject_cleanup().

(vdpasimnet) unreferenced object 0xffff88807eebc370 (size 16): comm "modprobe", pid 3848, jiffies 4362982860 (age 18.153s) hex dump (first 16 bytes): 76 64 70 61 73 69 6d 5f 6e 65 74 00 6b 6b 6b a5 vdpasim_net.kkk. backtrace: [<ffffffff8174f19e>] __kmallocnodetrackcaller+0x4e/0x150 [<ffffffff81731d53>] kstrdup+0x33/0x60 [<ffffffff83a5d421>] kobjectsetnamevargs+0x41/0x110 [<ffffffff82d87aab>] devsetname+0xab/0xe0 [<ffffffff82d91a23>] deviceadd+0xe3/0x1a80 [<ffffffffa0270013>] 0xffffffffa0270013 [<ffffffff81001c27>] dooneinitcall+0x87/0x2e0 [<ffffffff813739cb>] doinitmodule+0x1ab/0x640 [<ffffffff81379d20>] loadmodule+0x5d00/0x77f0 [<ffffffff8137bc40>] _dosysfinitmodule+0x110/0x1b0 [<ffffffff83c4d505>] dosyscall64+0x35/0x80 [<ffffffff83e0006a>] entrySYSCALL64afterhwframe+0x46/0xb0

(vdpasimblk) unreferenced object 0xffff8881070c1250 (size 16): comm "modprobe", pid 6844, jiffies 4364069319 (age 17.572s) hex dump (first 16 bytes): 76 64 70 61 73 69 6d 5f 62 6c 6b 00 6b 6b 6b a5 vdpasim_blk.kkk. backtrace: [<ffffffff8174f19e>] __kmallocnodetrackcaller+0x4e/0x150 [<ffffffff81731d53>] kstrdup+0x33/0x60 [<ffffffff83a5d421>] kobjectsetnamevargs+0x41/0x110 [<ffffffff82d87aab>] devsetname+0xab/0xe0 [<ffffffff82d91a23>] deviceadd+0xe3/0x1a80 [<ffffffffa0220013>] 0xffffffffa0220013 [<ffffffff81001c27>] dooneinitcall+0x87/0x2e0 [<ffffffff813739cb>] doinitmodule+0x1ab/0x640 [<ffffffff81379d20>] loadmodule+0x5d00/0x77f0 [<ffffffff8137bc40>] _dosysfinitmodule+0x110/0x1b0 [<ffffffff83c4d505>] dosyscall64+0x35/0x80 [<ffffffff83e0006a>] entrySYSCALL64afterhwframe+0x46/0xb0

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50702.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.12.0
Fixed
5.15.87
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.0.19
Type
ECOSYSTEM
Events
Introduced
6.1.0
Fixed
6.1.5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50702.json"