{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-50626","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-08T01:14:55.191Z","datePublished":"2025-12-08T01:16:40.754Z","dateUpdated":"2026-05-11T19:22:29.322Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:22:29.322Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-usb: fix memory leak in dvb_usb_adapter_init()\n\nSyzbot reports a memory leak in \"dvb_usb_adapter_init()\".\nThe leak is due to not accounting for and freeing current iteration's\nadapter->priv in case of an error. Currently if an error occurs,\nit will exit before incrementing \"num_adapters_initalized\",\nwhich is used as a reference counter to free all adap->priv\nin \"dvb_usb_adapter_exit()\". There are multiple error paths that\ncan exit from before incrementing the counter. Including the\nerror handling paths for \"dvb_usb_adapter_stream_init()\",\n\"dvb_usb_adapter_dvb_init()\" and \"dvb_usb_adapter_frontend_init()\"\nwithin \"dvb_usb_adapter_init()\".\n\nThis means that in case of an error in any of these functions the\ncurrent iteration is not accounted for and the current iteration's\nadap->priv is not freed.\n\nFix this by freeing the current iteration's adap->priv in the\n\"stream_init_err:\" label in the error path. The rest of the\n(accounted for) adap->priv objects are freed in dvb_usb_adapter_exit()\nas expected using the num_adapters_initalized variable.\n\nSyzbot report:\n\nBUG: memory leak\nunreferenced object 0xffff8881172f1a00 (size 512):\n  comm \"kworker/0:2\", pid 139, jiffies 4294994873 (age 10.960s)\n  hex dump (first 32 bytes):\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\nbacktrace:\n    [<ffffffff844af012>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:75 [inline]\n    [<ffffffff844af012>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:184 [inline]\n    [<ffffffff844af012>] dvb_usb_device_init.cold+0x4e5/0x79e drivers/media/usb/dvb-usb/dvb-usb-init.c:308\n    [<ffffffff830db21d>] dib0700_probe+0x8d/0x1b0 drivers/media/usb/dvb-usb/dib0700_core.c:883\n    [<ffffffff82d3fdc7>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n    [<ffffffff8274ab37>] call_driver_probe drivers/base/dd.c:542 [inline]\n    [<ffffffff8274ab37>] really_probe.part.0+0xe7/0x310 drivers/base/dd.c:621\n    [<ffffffff8274ae6c>] really_probe drivers/base/dd.c:583 [inline]\n    [<ffffffff8274ae6c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:752\n    [<ffffffff8274af6a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:782\n    [<ffffffff8274b786>] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:899\n    [<ffffffff82747c87>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427\n    [<ffffffff8274b352>] __device_attach+0x122/0x260 drivers/base/dd.c:970\n    [<ffffffff827498f6>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487\n    [<ffffffff82745cdb>] device_add+0x5fb/0xdf0 drivers/base/core.c:3405\n    [<ffffffff82d3d202>] usb_set_configuration+0x8f2/0xb80 drivers/usb/core/message.c:2170\n    [<ffffffff82d4dbfc>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238\n    [<ffffffff82d3f49c>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293\n    [<ffffffff8274ab37>] call_driver_probe drivers/base/dd.c:542 [inline]\n    [<ffffffff8274ab37>] really_probe.part.0+0xe7/0x310 drivers/base/dd.c:621\n    [<ffffffff8274ae6c>] really_probe drivers/base/dd.c:583 [inline]\n    [<ffffffff8274ae6c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:752"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/media/usb/dvb-usb/dvb-usb-init.c"],"versions":[{"version":"4d43e13f723e12734257277cc38497fab1efc605","lessThan":"733bc9e226da2a7f43b10031b8ebfc26d89ec4bd","status":"affected","versionType":"git"},{"version":"4d43e13f723e12734257277cc38497fab1efc605","lessThan":"e5a49140035591d13ff57a7537c65217e5af0d15","status":"affected","versionType":"git"},{"version":"4d43e13f723e12734257277cc38497fab1efc605","lessThan":"21b6b0c9f3796e6917e90db403dae9e74025fc40","status":"affected","versionType":"git"},{"version":"4d43e13f723e12734257277cc38497fab1efc605","lessThan":"17217737c174883dd975885ab4bee4b00f517239","status":"affected","versionType":"git"},{"version":"4d43e13f723e12734257277cc38497fab1efc605","lessThan":"7d7ab25ead969594df05fb09ee46ca931d46c5c8","status":"affected","versionType":"git"},{"version":"4d43e13f723e12734257277cc38497fab1efc605","lessThan":"d0af6220bb1eed8225a5511de5a3bd386b94afa4","status":"affected","versionType":"git"},{"version":"4d43e13f723e12734257277cc38497fab1efc605","lessThan":"e5d01eb6dc2f699a395d3e731c58a9b3bb4e269f","status":"affected","versionType":"git"},{"version":"4d43e13f723e12734257277cc38497fab1efc605","lessThan":"93bbf2ed428142aa9a9693721230b28571678bf8","status":"affected","versionType":"git"},{"version":"4d43e13f723e12734257277cc38497fab1efc605","lessThan":"94d90fb06b94a90c176270d38861bcba34ce377d","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/media/usb/dvb-usb/dvb-usb-init.c"],"versions":[{"version":"2.6.19","status":"affected"},{"version":"0","lessThan":"2.6.19","status":"unaffected","versionType":"semver"},{"version":"4.9.337","lessThanOrEqual":"4.9.*","status":"unaffected","versionType":"semver"},{"version":"4.14.303","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.270","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.229","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.163","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.86","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.0.16","lessThanOrEqual":"6.0.*","status":"unaffected","versionType":"semver"},{"version":"6.1.2","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.2","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"4.9.337"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"4.14.303"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"4.19.270"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"5.4.229"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"5.10.163"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"5.15.86"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"6.0.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"6.1.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"6.2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/733bc9e226da2a7f43b10031b8ebfc26d89ec4bd"},{"url":"https://git.kernel.org/stable/c/e5a49140035591d13ff57a7537c65217e5af0d15"},{"url":"https://git.kernel.org/stable/c/21b6b0c9f3796e6917e90db403dae9e74025fc40"},{"url":"https://git.kernel.org/stable/c/17217737c174883dd975885ab4bee4b00f517239"},{"url":"https://git.kernel.org/stable/c/7d7ab25ead969594df05fb09ee46ca931d46c5c8"},{"url":"https://git.kernel.org/stable/c/d0af6220bb1eed8225a5511de5a3bd386b94afa4"},{"url":"https://git.kernel.org/stable/c/e5d01eb6dc2f699a395d3e731c58a9b3bb4e269f"},{"url":"https://git.kernel.org/stable/c/93bbf2ed428142aa9a9693721230b28571678bf8"},{"url":"https://git.kernel.org/stable/c/94d90fb06b94a90c176270d38861bcba34ce377d"}],"title":"media: dvb-usb: fix memory leak in dvb_usb_adapter_init()","x_generator":{"engine":"bippy-1.2.0"}}}}