CVE-2022-50723
Description
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: fix memory leak in bnxt_nvm_test()
Free the kzalloc'ed buffer before returning in the success path.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2022-50723 is a memory leak in the Linux kernel's bnxt_en driver that can be triggered in bnxt_nvm_test() and may lead to resource exhaustion.
Vulnerability
CVE-2022-50723 describes a memory leak in the Linux kernel's bnxt_en driver. The function bnxt_nvm_test() allocates a buffer using kmalloc() but fails to free it in the success path, leading to a memory leak [1].
Exploitation
An attacker with local access and the ability to trigger the bnxt_nvm_test() function on a system with an affected Broadcom NetXtreme NetXtreme network device could exploit this vulnerability. Repeated calls to the device via the netlink or ethtool interface may cause the kernel to leak memory over time [1].
Impact
The primary impact is a memory leak, which, if triggered repeatedly, could lead to system instability or denial of service due to resource exhaustion. There is no evidence of code execution or privilege escalation from this bug [1].
Mitigation
The fix was included in the Linux kernel stable tree, as seen in the commit referenced. Users should apply the kernel update from their distribution or vendor. There is no known public exploit code or CISA KEV listing [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
2be083d970317ba077d683d45Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
2News mentions
0No linked articles in our index yet.