CVE-2022-50565
Description
In the Linux kernel, the following vulnerability has been resolved:
wifi: plfxlc: fix potential memory leak in __lf_x_usb_enable_rx()
urbs does not be freed in exception paths in __lf_x_usb_enable_rx(). That will trigger memory leak. To fix it, add kfree() for urbs within "error" label. Compile tested only.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory leak in the plfxlc wireless driver's __lf_x_usb_enable_rx() function can lead to resource exhaustion if error paths fail to free allocated URBs.
Root
Cause
In the Linux kernel's plfxlc wireless driver, the function __lf_x_usb_enable_rx() allocates URBs (USB request blocks) but fails to free them on certain error paths [1][2]. This oversight means that when an error occurs during URB submission, the previously allocated urbs are not deallocated, leading to a memory leak.
Exploitation
The vulnerability can be triggered only during USB device initialization when errors occur, such as a failed usb_submit_urb() call. An attacker with physical access or the ability to cause such errors could repeatedly trigger the leak, potentially leading to kernel memory exhaustion.
Impact
Successful exploitation could lead to denial of service by exhausting system memory, causing system instability. The attacker gains no code execution or privilege escalation directly.
Mitigation
The fix has been applied in the Linux kernel upstream and backported to stable releases [1][2]. Users are advised to update their kernels to the latest patched versions. No workaround is available.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
3286464463a05fce7e4627364895b3b06efc2Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
3News mentions
0No linked articles in our index yet.