CVE-2022-50537 PUBLISHED

firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe()

Assigner: Linux
Reserved: 07.10.2025 Published: 07.10.2025 Updated: 07.10.2025

In the Linux kernel, the following vulnerability has been resolved:

firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe()

In rpi_firmware_probe(), if mbox_request_channel() fails, the 'fw' will not be freed through rpi_firmware_delete(), fix this leak by calling kfree() in the error path.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from d537afa08e156a0a72562e625506825c2776fcfa to 62ac943eb2a9d655e431b9bc98ff6d7bd51a0e49 (excl.)
  • affected from 60831f5ae6c713afceb6d29f40899ed112f36059 to d34742245e4366579f9a80f8cfe4a63248e838e0 (excl.)
  • affected from 1e7c57355a3bc617fc220234889e49fe722a6305 to b308fdedef095aac14569f810d46edf773ea7d1e (excl.)
  • affected from 1e7c57355a3bc617fc220234889e49fe722a6305 to 6757dd2193fe18c5c5fe3050e7f2ff9dcbd1ff34 (excl.)
  • affected from 1e7c57355a3bc617fc220234889e49fe722a6305 to 71d2abab374f707ab8ac8dcef191fd2b3b67b8bd (excl.)
  • affected from 1e7c57355a3bc617fc220234889e49fe722a6305 to 7b51161696e803fd5f9ad55b20a64c2df313f95c (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 5.13 is affected
  • unaffected from 0 to 5.13 (excl.)
  • unaffected from 5.10.163 to 5.10.* (incl.)
  • unaffected from 5.15.86 to 5.15.* (incl.)
  • unaffected from 6.0.16 to 6.0.* (incl.)
  • unaffected from 6.1.2 to 6.1.* (incl.)
  • unaffected from 6.2 to * (incl.)

References