CVE-2023-54022

Published: Dic 24, 2025 Last Modified: Dic 29, 2025

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Fix potential memory leaks at error path for UMP open

The allocation and initialization errors at alloc_midi_urbs() that is
called at MIDI 2.0 / UMP device are supposed to be handled at the
caller side by invoking free_midi_urbs(). However, free_midi_urbs()
loops only for ep->num_urbs entries, and since ep->num_entries wasn't
updated yet at the allocation / init error in alloc_midi_urbs(), this
entry won't be released.

The intention of free_midi_urbs() is to release the whole elements, so
change the loop size to NUM_URBS to scan over all elements for fixing
the missed releases.

Also, the call of free_midi_urbs() is missing at
snd_usb_midi_v2_open(). Although it'll be released later at
reopen/close or disconnection, it's better to release immediately at
the error path.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0002

Percentile

0,1th

Updated

EPSS Score Trend (Last 83 Days)

https://git.kernel.org/stable/c/b1757fa30ef14f254f4719bf6f7…

https://git.kernel.org/stable/c/b1757fa30ef14f254f4719bf6f7d54a4c8207216

https://git.kernel.org/stable/c/f819b343aa95d24d5f7d6e06660…

https://git.kernel.org/stable/c/f819b343aa95d24d5f7d6e06660c7f62591abc5f

CVE-2023-54022

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 83 Days)

Iscriviti alla newsletter