CVE-2022-50734

devsetname will alloc memory for nvmem->dev.kobj.name in nvmemregister, when nvmemvalidatekeepouts failed, nvmem's memory will be freed and return, but nobody will free memory for nvmem->dev.kobj.name, there will be memleak, so moving nvmemvalidatekeepouts() after deviceregister() and let the device core deal with cleaning name in error cases.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50734.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

de0534df93474f268486c486ea7e01b44a478026

Fixed

9391cc3a787a58aa224a6440d7f244d780ba2896

Fixed

2bd2774df0ce37920b23819a860a66fdbdd90823

Fixed

b6054b9b239a493672f853b034570cca93ba7a88

Fixed

bd1244561fa2a4531ded40dbf09c9599084f8b29

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

c1d44b93ca9f3ebc26b0de0a7f4b7156702762b6

Last affected

63c2b13ba0428b8f477e4adb1d40a50eb4493c09

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50734.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.15.0

Fixed

5.15.75

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

5.19.17

Type: ECOSYSTEM
Events: Introduced

5.20.0

Fixed

6.0.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50734.json"