AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2022-50326: In the Linux kernel, the following vulnerability has been resolved: media: airspy: fix memory leak in airspy probe The

mediumvulnerability

security

Source: NVD/CVE DatabaseSeptember 15, 2025CVE-2022-50326

Summary

CVE-2022-50326 is a memory leak (unused memory that is never freed) in the Linux kernel's airspy media driver. A previous update moved a variable called buf from the stack (temporary memory) to the heap (longer-term memory), but the code only freed this memory when errors occurred, not when the function succeeded, leaving memory wasted.

Solution / Mitigation

Fix this by freeing buf in the success path since this variable does not have any references in other code. The patch is available at: https://git.kernel.org/stable/c/23bc5eb55f8c9607965c20d9ddcc13cb1ae59568 and https://git.kernel.org/stable/c/f4285dd02b6b2ca3435b65fb62c053dd9408fd71

Vulnerability Details

CVSS Score

5.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-401

Original source: https://nvd.nist.gov/vuln/detail/CVE-2022-50326

First tracked: February 15, 2026 at 08:52 PM

Classified by LLM (prompt v3) · confidence: 95%