CVE-2022-50357

Published: Sep 17, 2025Modified: Jan 14, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe The dwc3_get_properties() function calls: dwc->usb_psy = power_supply_get_by_name(usb_psy_name); so there is some additional clean up required on these error paths.

Affected (2)

Products: Linux: Linux Kernel

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.13 to 5.19.17
Linux Linux Kernel	From 6.0 to 6.0.3

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (3)

https://git.kernel.org/stable/c/2a735e4b5580a2a6bbd6572109b4c4f163c57462

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3a213503f483173e7eea76f2e7e3bdd6df7fd6f8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/79c3afb55942368921237d7b5355d48c52bdde20

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.