Unrated severityNVD Advisory· Published Mar 27, 2025· Updated Dec 23, 2025
fbdev: smscufx: fix error handling code in ufx_usb_probe
CVE-2022-49741
Description
In the Linux kernel, the following vulnerability has been resolved:
fbdev: smscufx: fix error handling code in ufx_usb_probe
The current error handling code in ufx_usb_probe have many unmatching issues, e.g., missing ufx_free_usb_list, destroy_modedb label should only include framebuffer_release, fb_dealloc_cmap only matches fb_alloc_cmap.
My local syzkaller reports a memory leak bug:
memory leak in ufx_usb_probe
BUG: memory leak unreferenced object 0xffff88802f879580 (size 128): comm "kworker/0:7", pid 17416, jiffies 4295067474 (age 46.710s) hex dump (first 32 bytes): 80 21 7c 2e 80 88 ff ff 18 d0 d0 0c 80 88 ff ff .!|............. 00 d0 d0 0c 80 88 ff ff e0 ff ff ff 0f 00 00 00 ................ backtrace: [] kmalloc_trace+0x20/0x90 mm/slab_common.c:1045 [] kmalloc include/linux/slab.h:553 [inline] [] kzalloc include/linux/slab.h:689 [inline] [] ufx_alloc_urb_list drivers/video/fbdev/smscufx.c:1873 [inline] [] ufx_usb_probe+0x11c/0x15a0 drivers/video/fbdev/smscufx.c:1655 [] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396 [] call_driver_probe drivers/base/dd.c:560 [inline] [] really_probe+0x12d/0x390 drivers/base/dd.c:639 [] __driver_probe_device+0xbf/0x140 drivers/base/dd.c:778 [] driver_probe_device+0x2a/0x120 drivers/base/dd.c:808 [] __device_attach_driver+0xf7/0x150 drivers/base/dd.c:936 [] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427 [] __device_attach+0x105/0x2d0 drivers/base/dd.c:1008 [] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487 [] device_add+0x642/0xdc0 drivers/base/core.c:3517 [] usb_set_configuration+0x8ef/0xb80 drivers/usb/core/message.c:2170 [] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238 [] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293 [] call_driver_probe drivers/base/dd.c:560 [inline] [] really_probe+0x12d/0x390 drivers/base/dd.c:639 [] __driver_probe_device+0xbf/0x140 drivers/base/dd.c:778
Fix this bug by rewriting the error handling code in ufx_usb_probe.
Affected products
85- osv-coords83 versionspkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_40&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_26&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-syms&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/kernel-syms&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Manager%20Server%204.3
< 5.14.21-150400.24.164.1+ 82 more
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1.150400.24.82.1
- (no CPE)range: < 5.14.21-150400.24.164.1.150400.24.82.1
- (no CPE)range: < 5.14.21-150500.55.103.1.150500.6.49.1
- (no CPE)range: < 5.14.21-150500.55.103.1.150500.6.49.1
- (no CPE)range: < 5.14.21-150400.24.164.1.150400.24.82.1
- (no CPE)range: < 5.14.21-150400.24.164.1.150400.24.82.1
- (no CPE)range: < 5.14.21-150500.55.103.1.150500.6.49.1
- (no CPE)range: < 5.14.21-150400.24.164.1.150400.24.82.1
- (no CPE)range: < 5.14.21-150500.55.103.1.150500.6.49.1
- (no CPE)range: < 5.14.21-150400.24.164.1.150400.24.82.1
- (no CPE)range: < 5.14.21-150500.55.103.1.150500.6.49.1
- (no CPE)range: < 5.14.21-150400.24.164.1.150400.24.82.1
- (no CPE)range: < 5.14.21-150400.24.164.1.150400.24.82.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 1-150400.9.3.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.15.118.1
- (no CPE)range: < 5.14.21-150400.15.118.1
- (no CPE)range: < 5.14.21-150500.13.94.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.15.118.1
- (no CPE)range: < 5.14.21-150400.15.118.1
- (no CPE)range: < 5.14.21-150500.13.94.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150400.24.164.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150400.24.164.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- git.kernel.org/stable/c/1b4c08844628dfc8d72d3f51b657f2a5e63b7b4bmitre
- git.kernel.org/stable/c/3931014367ef31d26af65386a4ca496f50f0cfdfmitre
- git.kernel.org/stable/c/3b3d3127f5b4291ae4caaf50f7b66089ad600480mitre
- git.kernel.org/stable/c/64fa364ad3245508d393e16ed4886f92d7eb423cmitre
- git.kernel.org/stable/c/b76449ee75e21acfe9fa4c653d8598f191ed7d68mitre
News mentions
0No linked articles in our index yet.