CVE-2022-50172

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory leak vulnerability in the Linux kernel's mt76 wireless driver. When the mt76u_bulk_msg function fails in the __mt76x02u_mcu_send_msg routine, the skb (socket buffer) is not properly freed, leading to potential memory exhaustion. This affects systems using MediaTek MT76x02U USB wireless chipsets.
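The leak pattern described above, as a userspace model added here for illustration; it is not the kernel's code or the upstream patch, and every name in it (`msg_buf`, `bulk_send`, `send_msg_leaky`, `send_msg_fixed`, `leaked_after`) is hypothetical. It assumes the send routine owns the buffer once called, and counts the buffers left unreleased when the transfer fails.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace model only: every name here is hypothetical, not the driver's. */
struct msg_buf { unsigned char data[32]; };
static long live_bufs; /* buffers allocated and not yet freed */
static void buf_free(struct msg_buf *b) { free(b); live_bufs--; }

/* Stand-in for the bulk transfer; the caller injects the failure. */
static int bulk_send(const struct msg_buf *b, int fail) { (void)b; return fail ? -EIO : 0; }

/* Leaky shape: the early error return skips the free. */
static int send_msg_leaky(struct msg_buf *b, int fail)
{
    int ret = bulk_send(b, fail);
    if (ret)
        return ret; /* b is orphaned here */
    buf_free(b);
    return 0;
}

/* Fixed shape: the buffer is released on success and on failure. */
static int send_msg_fixed(struct msg_buf *b, int fail)
{
    int ret = bulk_send(b, fail);
    buf_free(b);
    return ret;
}

/* Send n messages, failing every fail_every-th; return buffers still live. */
static long leaked_after(int (*send)(struct msg_buf *, int), int n, int fail_every)
{
    live_bufs = 0;
    for (int i = 1; i <= n; i++) {
        struct msg_buf *b = calloc(1, sizeof(*b));
        if (!b)
            break;
        live_bufs++;
        send(b, fail_every > 0 && i % fail_every == 0);
    }
    return live_bufs;
}

int main(void)
{
    printf("leaky=%ld fixed=%ld\n", leaked_after(send_msg_leaky, 1000, 4),
           leaked_after(send_msg_fixed, 1000, 4));
    return 0;
}
```

Each failed transfer strands exactly one buffer in the leaky variant, so the loss scales with how often the failure path is hit rather than with total traffic.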

💻 Affected Systems

Products:
  • Linux kernel with mt76 driver
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using MediaTek MT76x02U USB wireless adapters with the vulnerable driver loaded.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.

🟠 Likely Case

Intermittent wireless connectivity issues or gradual performance degradation due to memory pressure from unreleased buffers.

🟢 If Mitigated

Minimal impact with proper memory management and monitoring in place.

🌐 Internet-Facing: LOW - Requires local access or specific wireless chipset exploitation.
🏢 Internal Only: MEDIUM - Could affect wireless infrastructure devices internally.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering specific failure conditions in the wireless driver, typically requiring local access or wireless chipset manipulation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 2f53ba46d8c97aca681adbe5098e1f84580c446d, 3ad958bc488e3ecb0207d31621c00efb86f17482, cffd93411575afd987788e2ec3cb8eaff70f0215, da1ab462b96c5d47a0755aec957bae3d685538c5, f1609c4f4a21777e081b36596224802b85052ad9

Vendor Advisory: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=2f53ba46d8c97aca681adbe5098e1f84580c446d

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. For distributions: Use package manager (apt/yum/dnf) to update kernel.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable vulnerable driver

linux

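Blacklist and unload the mt76 USB driver modules if the adapter is not needed (run as root). Blacklisting only the shared mt76 core module does not stop it from being loaded as a dependency, and rmmod mt76 fails while the USB modules that depend on it are loaded.

# mt76x0u and mt76x2u are the USB front-end modules that bind MT76x0U/MT76x2U adapters
printf 'blacklist mt76x0u\nblacklist mt76x2u\n' >> /etc/modprobe.d/blacklist.conf
# modprobe -r also unloads dependencies that are no longer in use
modprobe -r mt76x0u mt76x2u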

🧯 If You Can't Patch

  • Monitor system memory usage for unusual patterns
  • Restrict physical access to USB ports to prevent unauthorized wireless adapter connections

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether the mt76 driver is loaded:

lsmod | grep mt76 && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits or is newer than vulnerable versions

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • Memory allocation failures in dmesg
  • Wireless connectivity errors

Network Indicators:

  • Intermittent wireless disconnections
  • Unusual wireless adapter behavior

SIEM Query:

source="kernel" AND ("mt76" OR "memory allocation failure")
