CVE-2022-50854
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/12/2025
Last modified:
30/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()<br />
<br />
skb should be free in virtual_nci_send(), otherwise kmemleak will report<br />
memleak.<br />
<br />
Steps for reproduction (simulated in qemu):<br />
cd tools/testing/selftests/nci<br />
make<br />
./nci_dev<br />
<br />
BUG: memory leak<br />
unreferenced object 0xffff888107588000 (size 208):<br />
comm "nci_dev", pid 206, jiffies 4294945376 (age 368.248s)<br />
hex dump (first 32 bytes):<br />
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br />
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br />
backtrace:<br />
[] __alloc_skb+0x1da/0x290<br />
[] nci_send_cmd+0xa3/0x350<br />
[] nci_reset_req+0x6b/0xa0<br />
[] __nci_request+0x90/0x250<br />
[] nci_dev_up+0x217/0x5b0<br />
[] nfc_dev_up+0x114/0x220<br />
[] nfc_genl_dev_up+0x94/0xe0<br />
[] genl_family_rcv_msg_doit.isra.14+0x228/0x2d0<br />
[] genl_rcv_msg+0x35c/0x640<br />
[] netlink_rcv_skb+0x11e/0x350<br />
[] genl_rcv+0x24/0x40<br />
[] netlink_unicast+0x43f/0x640<br />
[] netlink_sendmsg+0x73a/0xbf0<br />
[] __sys_sendto+0x324/0x370<br />
[] __x64_sys_sendto+0xdd/0x1b0<br />
[] do_syscall_64+0x3f/0x90