Memory leak in Linux kernel - CVE-2022-50474
Published: October 4, 2025 / Updated: October 27, 2025
Vulnerability identifier: #VU116505
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-50474
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the macio_add_one_device() function in drivers/macintosh/macio_asic.c. A local user can perform a denial of service (DoS) attack.
How to mitigate CVE-2022-50474
Install update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/19ded60b40e86b0903c8d5bd0161437ed5107a8b
- https://git.kernel.org/stable/c/2ac0a7059b7bcbed35bfffa34a82c9a9e99638ef
- https://git.kernel.org/stable/c/35858b87a943917fa30172aa4bf01ce7adbcb42c
- https://git.kernel.org/stable/c/3a866ff6fc2232c8e393cdb55ffb8ce947349e03
- https://git.kernel.org/stable/c/5ca86eae55a2f006e6c1edd2029b2cacb6979515
- https://git.kernel.org/stable/c/76837e7f6b30da72ad59f56291e22804a219e015
- https://git.kernel.org/stable/c/aa9054267366ff0a382d403d17728e21951ddbb9
- https://git.kernel.org/stable/c/b29a2f1dd33ae9b94821ab2f4d398b9081786748
- https://git.kernel.org/stable/c/ca765257feb89dacf604ced9cd233db5f865dee0
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.16