{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T06:17:46.723","vulnerabilities":[{"cve":{"id":"CVE-2023-54022","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-12-24T11:15:55.210","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix potential memory leaks at error path for UMP open\n\nThe allocation and initialization errors at alloc_midi_urbs() that is\ncalled at MIDI 2.0 / UMP device are supposed to be handled at the\ncaller side by invoking free_midi_urbs().  However, free_midi_urbs()\nloops only for ep->num_urbs entries, and since ep->num_entries wasn't\nupdated yet at the allocation / init error in alloc_midi_urbs(), this\nentry won't be released.\n\nThe intention of free_midi_urbs() is to release the whole elements, so\nchange the loop size to NUM_URBS to scan over all elements for fixing\nthe missed releases.\n\nAlso, the call of free_midi_urbs() is missing at\nsnd_usb_midi_v2_open().  Although it'll be released later at\nreopen/close or disconnection, it's better to release immediately at\nthe error path."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/b1757fa30ef14f254f4719bf6f7d54a4c8207216","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/f819b343aa95d24d5f7d6e06660c7f62591abc5f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}