SB2025022661 - Memory leak in Linux kernel staging rtl8712 driver
Published: February 26, 2025 Updated: May 11, 2025
Security Bulletin ID
SB2025022661
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-49312)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the r8712_usb_dvobj_init(), r871x_dev_unload() and r871xu_dev_remove() functions in drivers/staging/rtl8712/usb_intf.c, within the r8712_free_drv_sw() function in drivers/staging/rtl8712/os_intfs.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/205e039fead72e87ad2838f5e649a4c4834f648b
- https://git.kernel.org/stable/c/5a89a92efc342dd7c44b6056da87debc598f9c73
- https://git.kernel.org/stable/c/7288ff561de650d4139fab80e9cb0da9b5b32434
- https://git.kernel.org/stable/c/8eb42d6d10f8fe509117859defddf9e72b4fa4d0
- https://git.kernel.org/stable/c/a2882b8baad068d21c99fb2ab5a85a2bdbd5b834
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.4