CVE-2022-50740
Published: Dec 24, 2025
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() Syzkaller reports a long-known leak of urbs in ath9k_hif_usb_dealloc_tx_urbs(). The cause of the leak is that usb_get_urb() is called but usb_free_urb() (or usb_put_urb()) is not called inside usb_kill_urb() as urb->dev or urb->ep fields have not been initialized and usb_kill_urb() returns immediately. The patch removes trying to kill urbs located in hif_dev->tx.tx_buf because hif_dev->tx.tx_buf is not supposed to contain urbs which are in pending state (the pending urbs are stored in hif_dev->tx.tx_pending). The tx.tx_lock is acquired so there should not be any changes in the list. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 6f0706ef39fecc6bf56d67728fe0c94e26b43e9d - < 134ae5eba41294eff76e4be20d6001b8f0192207affected 795d57a558d106b8a5bc2bd7aeaf707d9a099244 - < 472312fef2b9eccaa03bd59e0ab2527da945e736affected df4318440c1568b7dedc5f7d4e617d0e297a1313 - < eddbb8f7620f9f8008b090a6e10c460074ca575aaffected a9990ed2d7ca9339d37c7f67d6f5cb298c3f1b34 - < 9850791d389b342ae6e573fe8198db0b4d338352affected 03fb92a432ea5abe5909bca1455b7e44a9380480 - < c3fb3e9a2c0c1a0fa492d90eb19bcfa92a5f884d+14 more versions |
Linux | Linux | affected 5.10unaffected 0 - < 5.10unaffected 4.9.337 - <= 4.9.*unaffected 4.14.303 - <= 4.14.*unaffected 4.19.270 - <= 4.19.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now