1. Home
  2. Vulnerabilities
  3. CVE-2022-50355
0.0
NA
CVE-2022-50355
staging: vt6655: fix some erroneous memory clean-up loops
Description

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some clean-up codes in case of allocation failure, which free memory in reverse order with 'i' decreasing to 0. However, there are some problems: - The case i=0 is left out. Thus memory is leaked. - In case memory allocation fails right from the start, the memory freeing loops will start with i=-1 and invalid memory locations will be accessed. One of these loops has been fixed in commit c8ff91535880 ("staging: vt6655: fix potential memory leak"). Fix the remaining erroneous loops.

INFO

Published Date :

Sept. 17, 2025, 3:15 p.m.

Last Modified :

Sept. 17, 2025, 3:15 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2022-50355 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
Solution
Apply kernel updates to fix memory leaks and prevent invalid memory access.
  • Update the Linux kernel to the latest version.
  • Apply the specific commit that fixes erroneous loops.
  • Ensure proper memory allocation and deallocation logic.
  • Review driver initialization code for errors.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-50355.

URL Resource
https://git.kernel.org/stable/c/2a2db520e3ca5aafba7c211abfd397666c9b5f9d
https://git.kernel.org/stable/c/637672a71f5016a40b0a6c0f3c8ad25eacedc8c3
https://git.kernel.org/stable/c/88b9cc60f26e8a05d1ddbddf91b09ca2915f20e0
https://git.kernel.org/stable/c/95ac62e8545be2b0a8cae0beef7c682e2e470e48
https://git.kernel.org/stable/c/a9e9806d1c315bc50dce05479a079b9a104474b8
https://git.kernel.org/stable/c/ed11b73c963292e7b49c0f37025c58ed3b7921d6
https://git.kernel.org/stable/c/f19e5b7df54590c831f350381963f25585c8f7d5
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-50355 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-50355 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-50355 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2022-50355 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Sep. 17, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some clean-up codes in case of allocation failure, which free memory in reverse order with 'i' decreasing to 0. However, there are some problems: - The case i=0 is left out. Thus memory is leaked. - In case memory allocation fails right from the start, the memory freeing loops will start with i=-1 and invalid memory locations will be accessed. One of these loops has been fixed in commit c8ff91535880 ("staging: vt6655: fix potential memory leak"). Fix the remaining erroneous loops.
    Added Reference https://git.kernel.org/stable/c/2a2db520e3ca5aafba7c211abfd397666c9b5f9d
    Added Reference https://git.kernel.org/stable/c/637672a71f5016a40b0a6c0f3c8ad25eacedc8c3
    Added Reference https://git.kernel.org/stable/c/88b9cc60f26e8a05d1ddbddf91b09ca2915f20e0
    Added Reference https://git.kernel.org/stable/c/95ac62e8545be2b0a8cae0beef7c682e2e470e48
    Added Reference https://git.kernel.org/stable/c/a9e9806d1c315bc50dce05479a079b9a104474b8
    Added Reference https://git.kernel.org/stable/c/ed11b73c963292e7b49c0f37025c58ed3b7921d6
    Added Reference https://git.kernel.org/stable/c/f19e5b7df54590c831f350381963f25585c8f7d5
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.