CVE-2022-50162

wifi: libertas: Fix possible refcount leak in if_usb_probe()

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: Fix possible refcount leak in if_usb_probe() usb_get_dev will be called before lbs_get_firmware_async which means that usb_put_dev need to be called when lbs_get_firmware_async fails.

N/A

CVSS

Severity:

EPSS 0.02%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/61b2ec97487399c58ae2e34f250f4884e671799b
https://git.kernel.org/stable/c/4c8e2f9ce1428e44cb103035eeced7aeb6b80980
https://git.kernel.org/stable/c/878e7f39803a9ab5bb9766956a7a04351d4bf99d
https://git.kernel.org/stable/c/97e5d3e46a3a2100253a9717a4df98d68aeb10b8
https://git.kernel.org/stable/c/d7365590d15bbd9008f424ef043d1778ffe29f42
https://git.kernel.org/stable/c/00d0c4e59c0f8ad1f86874bb64b220394e687028
https://git.kernel.org/stable/c/5b92f406a5199b6b01dc664b9226d824ae2835f0
https://git.kernel.org/stable/c/6fd57e1d120bf13d4dc6c200a7cf914e6347a316

Frequently Asked Questions

What is the severity of CVE-2022-50162?: CVE-2022-50162 has not yet been assigned a CVSS score.
How to fix CVE-2022-50162?: To fix CVE-2022-50162, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-50162 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2022-50162 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-50162?: CVE-2022-50162 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.