CVE-2022-50829

NONE EPSS 14.8%
Published Dec 30, 20256mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Dec 30, 2025 6mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), then usb_submit_urb() fails and we try to free skb again. It causes use-after-free bug. Moreover, if alloc_skb() fails, urb->context becomes NULL but rx_buf is not freed and there can be a memory leak. The patch removes unnecessary nskb and makes skb processing more clear: it is supposed that ath9k_htc_rx_msg() either frees old skb or passes its managing to another callback function. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Threat Intelligence

EPSS Exploit Probability
14.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 9

  • git.kernel.org https://git.kernel.org/stable/c/0c8dd2ea4b419da96ab4953e4967e9363e2f8a4f
  • git.kernel.org https://git.kernel.org/stable/c/355f16f756aad0c95cdaa0c14a34ab4137d32815
  • git.kernel.org https://git.kernel.org/stable/c/53b9bb1a00c4285ee7f58a11129dbea015db61bc
  • git.kernel.org https://git.kernel.org/stable/c/5e8751a977a49a6e00cce1a8da5ca16da83f9c8c
  • git.kernel.org https://git.kernel.org/stable/c/71fc0ad671a62c494d2aec731baeabd3bfe6c95d
  • git.kernel.org https://git.kernel.org/stable/c/988bd27de2484faf17afe0408db2e3d9e5ac61fc
  • git.kernel.org https://git.kernel.org/stable/c/98d9172822dc6f38138333941984bd759a89d419
  • git.kernel.org https://git.kernel.org/stable/c/dd95f2239fc846795fc926787c3ae0ca701c9840
  • git.kernel.org https://git.kernel.org/stable/c/f127c2b4c967025e5c3a4ce7e13b79135d46a33d

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.