CVE-2022-49057

EPSS 0.04%
Veröffentlicht 26.02.2025 07:00:42
Zuletzt bearbeitet 23.09.2025 18:28:58
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

block: null_blk: end timed out poll request

In the Linux kernel, the following vulnerability has been resolved:

block: null_blk: end timed out poll request

When poll request is timed out, it is removed from the poll list,
but not completed, so the request is leaked, and never get chance
to complete.

Fix the issue by ending it in timeout handler.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

NVD 3 VulnDex Vulnerability Enrichment 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.16 < 5.17.4

Linux ≫ Linux Kernel Version5.18 Updaterc1

Linux ≫ Linux Kernel Version5.18 Updaterc2

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.105

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/3e3876d322aef82416ecc496a4d4a587e0fdf7a3

Patch

https://git.kernel.org/stable/c/407d09a22f3f685fd634aa5d05840c64b23bfebc

Patch

https://nvd.nist.gov/vuln/detail/CVE-2022-49057

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-49057

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-49057

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-49057