CVE - CVE-2022-49389

CVE-ID
CVE-2022-49389	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stub_probe() usb_get_dev() is called in stub_device_alloc(). When stub_probe() fails after that, usb_put_dev() needs to be called to release the reference. Fix this by moving usb_put_dev() to sdev_free error path handling. Find this by code review.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/11c65408bd0ba1d9cd1307caa38169292de9cdfb URL:https://git.kernel.org/stable/c/11c65408bd0ba1d9cd1307caa38169292de9cdfb MISC:https://git.kernel.org/stable/c/247d3809e45a34d9e1a3a2bb7012e31ed8b46031 URL:https://git.kernel.org/stable/c/247d3809e45a34d9e1a3a2bb7012e31ed8b46031 MISC:https://git.kernel.org/stable/c/2f0ae93ec33c8456cdfbf7876b80403a6318ebce URL:https://git.kernel.org/stable/c/2f0ae93ec33c8456cdfbf7876b80403a6318ebce MISC:https://git.kernel.org/stable/c/51422046be504515eb5a591adf0f424b62f46804 URL:https://git.kernel.org/stable/c/51422046be504515eb5a591adf0f424b62f46804 MISC:https://git.kernel.org/stable/c/6bafee2f18af5e5ac125e42960bc65496d0e56a0 URL:https://git.kernel.org/stable/c/6bafee2f18af5e5ac125e42960bc65496d0e56a0 MISC:https://git.kernel.org/stable/c/8afb048800919d0ab10c57983940eba956339f21 URL:https://git.kernel.org/stable/c/8afb048800919d0ab10c57983940eba956339f21 MISC:https://git.kernel.org/stable/c/9ec4cbf1cc55d126759051acfe328d489c5d6e60 URL:https://git.kernel.org/stable/c/9ec4cbf1cc55d126759051acfe328d489c5d6e60 MISC:https://git.kernel.org/stable/c/bcbb795a9e78180d74c6ab21518da87e803dfdce URL:https://git.kernel.org/stable/c/bcbb795a9e78180d74c6ab21518da87e803dfdce MISC:https://git.kernel.org/stable/c/f20d2d3b3364ce6525c050a8b6b4c54c8c19674d URL:https://git.kernel.org/stable/c/f20d2d3b3364ce6525c050a8b6b4c54c8c19674d
Assigning CNA
kernel.org
Date Record Created
20250226	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250226)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2025, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.