SB2025120836 - Memory leak in Linux kernel usb dvb-usb driver
Published: December 8, 2025 Updated: December 12, 2025
Security Bulletin ID
SB2025120836
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-50626)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dvb_usb_adapter_init() function in drivers/media/usb/dvb-usb/dvb-usb-init.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/17217737c174883dd975885ab4bee4b00f517239
- https://git.kernel.org/stable/c/21b6b0c9f3796e6917e90db403dae9e74025fc40
- https://git.kernel.org/stable/c/733bc9e226da2a7f43b10031b8ebfc26d89ec4bd
- https://git.kernel.org/stable/c/7d7ab25ead969594df05fb09ee46ca931d46c5c8
- https://git.kernel.org/stable/c/93bbf2ed428142aa9a9693721230b28571678bf8
- https://git.kernel.org/stable/c/94d90fb06b94a90c176270d38861bcba34ce377d
- https://git.kernel.org/stable/c/d0af6220bb1eed8225a5511de5a3bd386b94afa4
- https://git.kernel.org/stable/c/e5a49140035591d13ff57a7537c65217e5af0d15
- https://git.kernel.org/stable/c/e5d01eb6dc2f699a395d3e731c58a9b3bb4e269f
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.16