CVE-2022-50387 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: net: hinic: fix the issue of CMDQ memory leaks When hinic_set_cmdq_depth() fails in hinic_init_cmdqs(), the cmdq memory is not released correctly. Fix it.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/363cc87767f6ddcfb9158ad2e2afa2f8d5c4b94e
https://git.kernel.org/stable/c/6016d96a6adf66d61655d85da02e1a4c1deccbd6
https://git.kernel.org/stable/c/6603843c80b16957f5d7d14d897faf13cef2b8b9
https://git.kernel.org/stable/c/9145d512ddff76df88832b29575488199df544a1
https://lore.kernel.org/linux-cve-announce/2025091852-CVE-2022-50387-cd0d@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-50387
https://www.cve.org/CVERecord?id=CVE-2022-50387

History

Fri, 19 Sep 2025 09:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Fri, 19 Sep 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025091852-CVE-2022-50387-cd0d@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-50387 https://www.cve.org/CVERecord?id=CVE-2022-50387
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Important`

Thu, 18 Sep 2025 13:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: hinic: fix the issue of CMDQ memory leaks When hinic_set_cmdq_depth() fails in hinic_init_cmdqs(), the cmdq memory is not released correctly. Fix it.
Title		net: hinic: fix the issue of CMDQ memory leaks
References		https://git.kernel.org/stable/c/363cc87767f6ddcfb9158ad2e2afa2f8d5c4b94e https://git.kernel.org/stable/c/6016d96a6adf66d61655d85da02e1a4c1deccbd6 https://git.kernel.org/stable/c/6603843c80b16957f5d7d14d897faf13cef2b8b9 https://git.kernel.org/stable/c/9145d512ddff76df88832b29575488199df544a1

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-18T13:33:07.932Z

Updated: 2025-09-18T13:33:07.932Z

Reserved: 2025-09-17T14:53:06.997Z

Link: CVE-2022-50387

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-18T14:15:37.610

Modified: 2025-09-18T14:15:37.610

Link: CVE-2022-50387

Redhat

Severity : Important

Publid Date: 2025-09-18T00:00:00Z

Links: CVE-2022-50387 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object