CVE-2022-50759
Description
In the Linux kernel, the following vulnerability has been resolved:
media: i2c: ov5648: Free V4L2 fwnode data on unbind
The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory leak in the Linux kernel's OV5648 camera sensor driver occurs because the V4L2 fwnode data structure is not freed on unbind.
Vulnerability
Overview
The vulnerability is a memory leak in the Linux kernel's OV5648 camera sensor driver (media: i2c: ov5648). The V4L2 fwnode data structure, which is allocated during driver probe, is not freed when the driver is unbound from the device. This leads to a kernel memory leak, as the allocated memory is never released [1].
Exploitation and
Impact
To exploit this, an attacker would need the ability to repeatedly bind and unbind the OV5648 driver, which typically requires root privileges or access to driver sysfs interfaces. Each unbind operation leaks a small amount of kernel memory. Over time, repeated operations could exhaust kernel memory, potentially leading to denial of service (system instability or crash). No authentication from a remote network is required; the attack is local.
Mitigation
The fix is included in the Linux kernel stable tree as commit referenced [1]. Users should update to a kernel version containing this commit. No workaround is mentioned in the source.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
34a34fd4d9b543a54b7286893c95770e4fc17Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
3News mentions
0No linked articles in our index yet.