Home

Description

In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in add_mtd_device() There is a kmemleak when register device failed: unreferenced object 0xffff888101aab550 (size 8): comm "insmod", pid 3922, jiffies 4295277753 (age 925.408s) hex dump (first 8 bytes): 6d 74 64 30 00 88 ff ff mtd0.... backtrace: [<00000000bde26724>] __kmalloc_node_track_caller+0x4e/0x150 [<000000003c32b416>] kvasprintf+0xb0/0x130 [<000000001f7a8f15>] kobject_set_name_vargs+0x2f/0xb0 [<000000006e781163>] dev_set_name+0xab/0xe0 [<00000000e30d0c78>] add_mtd_device+0x4bb/0x700 [<00000000f3d34de7>] mtd_device_parse_register+0x2ac/0x3f0 [<00000000c0d88488>] 0xffffffffa0238457 [<00000000b40d0922>] 0xffffffffa02a008f [<0000000023d17b9d>] do_one_initcall+0x87/0x2a0 [<00000000770f6ca6>] do_init_module+0xdf/0x320 [<000000007b6768fe>] load_module+0x2f98/0x3330 [<00000000346bed5a>] __do_sys_finit_module+0x113/0x1b0 [<00000000674c2290>] do_syscall_64+0x35/0x80 [<000000004c6a8d97>] entry_SYSCALL_64_after_hwframe+0x46/0xb0 If register device failed, should call put_device() to give up the reference.

PUBLISHED Reserved 2025-10-22 | Published 2025-10-22 | Updated 2025-10-22 | Assigner Linux

Product status

Default status
unaffected

1f24b5a8ecbb2a3c7080f418974d40e3ffedb221 (git) before a75f45afa932bfb24a2603ebcea5efd2e7cdcfd6
affected

1f24b5a8ecbb2a3c7080f418974d40e3ffedb221 (git) before 2302e2dc42b1f84f951c725ce742fc21c5a1e151
affected

1f24b5a8ecbb2a3c7080f418974d40e3ffedb221 (git) before db07fe76df01f40cb897d6e9066b84e46957beb3
affected

1f24b5a8ecbb2a3c7080f418974d40e3ffedb221 (git) before fa0d32ab8407d7481450c664fd0de64f2dae9489
affected

1f24b5a8ecbb2a3c7080f418974d40e3ffedb221 (git) before 330bc5533e8a8ed69cb951d5a8edce9bddb9db21
affected

1f24b5a8ecbb2a3c7080f418974d40e3ffedb221 (git) before 71212d73184845c944ef1b43f092e643e5bde003
affected

1f24b5a8ecbb2a3c7080f418974d40e3ffedb221 (git) before 1b172fb05d6315ecec082fd7544a3390e96f0d7e
affected

1f24b5a8ecbb2a3c7080f418974d40e3ffedb221 (git) before bcabe1dc2a344adbb3382930a23e273ba9382277
affected

1f24b5a8ecbb2a3c7080f418974d40e3ffedb221 (git) before 895d68a39481a75c680aa421546931fb11942fa6
affected

Default status
affected

2.6.30
affected

Any version before 2.6.30
unaffected

4.9.337 (semver)
unaffected

4.14.303 (semver)
unaffected

4.19.270 (semver)
unaffected

5.4.229 (semver)
unaffected

5.10.163 (semver)
unaffected

5.15.86 (semver)
unaffected

6.0.16 (semver)
unaffected

6.1.2 (semver)
unaffected

6.2 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/a75f45afa932bfb24a2603ebcea5efd2e7cdcfd6

git.kernel.org/...c/2302e2dc42b1f84f951c725ce742fc21c5a1e151

git.kernel.org/...c/db07fe76df01f40cb897d6e9066b84e46957beb3

git.kernel.org/...c/fa0d32ab8407d7481450c664fd0de64f2dae9489

git.kernel.org/...c/330bc5533e8a8ed69cb951d5a8edce9bddb9db21

git.kernel.org/...c/71212d73184845c944ef1b43f092e643e5bde003

git.kernel.org/...c/1b172fb05d6315ecec082fd7544a3390e96f0d7e

git.kernel.org/...c/bcabe1dc2a344adbb3382930a23e273ba9382277

git.kernel.org/...c/895d68a39481a75c680aa421546931fb11942fa6

cve.org (CVE-2022-50566)

nvd.nist.gov (CVE-2022-50566)

Download JSON