CVE-2022-50566
Description
In the Linux kernel, the following vulnerability has been resolved:
mtd: Fix device name leak when register device failed in add_mtd_device()
There is a kmemleak when register device failed: unreferenced object 0xffff888101aab550 (size 8): comm "insmod", pid 3922, jiffies 4295277753 (age 925.408s) hex dump (first 8 bytes): 6d 74 64 30 00 88 ff ff mtd0.... backtrace: [<00000000bde26724>] __kmalloc_node_track_caller+0x4e/0x150 [<000000003c32b416>] kvasprintf+0xb0/0x130 [<000000001f7a8f15>] kobject_set_name_vargs+0x2f/0xb0 [<000000006e781163>] dev_set_name+0xab/0xe0 [<00000000e30d0c78>] add_mtd_device+0x4bb/0x700 [<00000000f3d34de7>] mtd_device_parse_register+0x2ac/0x3f0 [<00000000c0d88488>] 0xffffffffa0238457 [<00000000b40d0922>] 0xffffffffa02a008f [<0000000023d17b9d>] do_one_initcall+0x87/0x2a0 [<00000000770f6ca6>] do_init_module+0xdf/0x320 [<000000007b6768fe>] load_module+0x2f98/0x3330 [<00000000346bed5a>] __do_sys_finit_module+0x113/0x1b0 [<00000000674c2290>] do_syscall_64+0x35/0x80 [<000000004c6a8d97>] entry_SYSCALL_64_after_hwframe+0x46/0xb0
If register device failed, should call put_device() to give up the reference.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory leak in Linux kernel's MTD device registration when add_mtd_device() fails due to missing put_device() call.
In the Linux kernel, the add_mtd_device() function in the MTD subsystem allocates a device name dynamically. However, if register_device() fails, the allocated name is leaked because the function does not call put_device() to release the reference. This memory leak is observable via kmemleak, as shown in the CVE description [1].
The vulnerability is triggered when an MTD device registration fails, which can occur under error conditions such as invalid device parameters or driver issues. An attacker with the ability to load a faulty MTD module or cause registration failures could repeatedly trigger the leak, leading to memory exhaustion over time. No special privileges are required beyond module loading capability.
The impact is a memory leak that, if exploited repeatedly, could result in denial of service by exhausting system memory. The leak is limited to the device name string (typically small) but can accumulate.
The fix was applied in multiple Linux kernel stable branches. The resolved commits ensure that put_device() is called on the device when registration fails, properly releasing the allocated name. References [1], [2], and [3] point to the specific fix commits in the stable kernels.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
9a75f45afa9322302e2dc42b1db07fe76df01fa0d32ab8407330bc5533e8a71212d7318481b172fb05d63bcabe1dc2a34895d68a39481Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
9- git.kernel.org/stable/c/1b172fb05d6315ecec082fd7544a3390e96f0d7envd
- git.kernel.org/stable/c/2302e2dc42b1f84f951c725ce742fc21c5a1e151nvd
- git.kernel.org/stable/c/330bc5533e8a8ed69cb951d5a8edce9bddb9db21nvd
- git.kernel.org/stable/c/71212d73184845c944ef1b43f092e643e5bde003nvd
- git.kernel.org/stable/c/895d68a39481a75c680aa421546931fb11942fa6nvd
- git.kernel.org/stable/c/a75f45afa932bfb24a2603ebcea5efd2e7cdcfd6nvd
- git.kernel.org/stable/c/bcabe1dc2a344adbb3382930a23e273ba9382277nvd
- git.kernel.org/stable/c/db07fe76df01f40cb897d6e9066b84e46957beb3nvd
- git.kernel.org/stable/c/fa0d32ab8407d7481450c664fd0de64f2dae9489nvd
News mentions
0No linked articles in our index yet.