CVE-2022-50857
rapidio: rio: fix possible name leak in rio_register_mport()
Description
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rio_register_mport() If device_register() returns error, the name allocated by dev_set_name() need be freed. It should use put_device() to give up the reference in the error path, so that the name can be freed in kobject_cleanup(), and list_del() is called to delete the port from rio_mports.
INFO
Published Date :
Dec. 30, 2025, 1:16 p.m.
Last Modified :
Dec. 30, 2025, 1:16 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products
The following products are affected by CVE-2022-50857
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
No affected product recoded yet
Solution
- Free allocated name on device_register() error.
- Give up reference using put_device() on error path.
- Delete port from rio_mports using list_del().
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2022-50857.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2022-50857 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2022-50857
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2022-50857 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2022-50857 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Dec. 30, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rio_register_mport() If device_register() returns error, the name allocated by dev_set_name() need be freed. It should use put_device() to give up the reference in the error path, so that the name can be freed in kobject_cleanup(), and list_del() is called to delete the port from rio_mports. Added Reference https://git.kernel.org/stable/c/0a71344f99289250e4d5b8adbac76f444485c840 Added Reference https://git.kernel.org/stable/c/117fede82e9d6ea3de30746d500eb5edc2eb8310 Added Reference https://git.kernel.org/stable/c/1bbad5793f404cf218757e3beb600eca6080330f Added Reference https://git.kernel.org/stable/c/4ddbeae5f224d924cf0b12460dda88c7480aa452 Added Reference https://git.kernel.org/stable/c/97d9eb45ffa67ffa112a6659953321b8f7db0065 Added Reference https://git.kernel.org/stable/c/9abba4aa60874c5216fc8de7dededadc791de696 Added Reference https://git.kernel.org/stable/c/a47de2fd3f88a7788be19f94ade72c2244a98045 Added Reference https://git.kernel.org/stable/c/a73a626c0510d203e369aeb26c4d6ec9c75af027 Added Reference https://git.kernel.org/stable/c/e92a216d16bde65d21a3227e0fb2aa0794576525