5.5
CVE-2022-49334
- EPSS 0.24%
- Veröffentlicht 26.02.2025 07:01:10
- Zuletzt bearbeitet 01.10.2025 20:16:10
- CVE-Watchlists
- Unerledigt
mm/huge_memory: Fix xarray node memory leak
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: Fix xarray node memory leak If xas_split_alloc() fails to allocate the necessary nodes to complete the xarray entry split, it sets the xa_state to -ENOMEM, which xas_nomem() then interprets as "Please allocate more memory", not as "Please free any unnecessary memory" (which was the intended outcome). It's confusing to use xas_nomem() to free memory in this context, so call xas_destroy() instead.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.17 < 5.17.15
Linux ≫ Linux Kernel Version >= 5.18 < 5.18.4
Linux ≫ Linux Kernel Version5.19 Updaterc1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.153 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/69a37a8ba1b408a1c7616494aa7018e4b3844cbe
https://git.kernel.org/stable/c/95c8181b4947e000f3b9b8e5918d899fce77b93d
https://git.kernel.org/stable/c/c0c84962e297927ba57fd6ddc2bb000c9d149655