CVE-2022-50321
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
15/09/2025
Last modified:
03/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()<br />
<br />
The brcmf_netdev_start_xmit() returns NETDEV_TX_OK without freeing skb<br />
in case of pskb_expand_head() fails, add dev_kfree_skb() to fix it.<br />
Compile tested only.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.13 (including) | 4.14.308 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15 (including) | 4.19.276 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.235 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.173 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.99 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.16 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.2.3 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/212fde3fe76e962598ce1d47b97cc78afdfc71b3
- https://git.kernel.org/stable/c/3a4d18318f473e97d628f410215b3fac32d07aed
- https://git.kernel.org/stable/c/4c55fdebc1c358de96bfab52ed309d58a3ba66ef
- https://git.kernel.org/stable/c/7f159116d620615779adbf88a5d94713702216d8
- https://git.kernel.org/stable/c/d869a189505224601e310c7769cb90b0e2f60b31
- https://git.kernel.org/stable/c/e08e6812efb6a8c676e733de0518594d1517e0d9
- https://git.kernel.org/stable/c/e5d01e85cf46628647cd696cb72ba4659b18967f
- https://git.kernel.org/stable/c/e8ef89e5b89ee041a94eecfb6c31fcc237f9168c