5.5
CVE-2022-50065
- EPSS 0.16%
- Veröffentlicht 18.06.2025 11:02:11
- Zuletzt bearbeitet 17.11.2025 18:27:46
- CVE-Watchlists
- Unerledigt
virtio_net: fix memory leak inside XPD_TX with mergeable
In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is newly allocated, it should be freed here alone. Just like any other "goto err_xdp".
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.18 < 5.10.138
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.63
Linux ≫ Linux Kernel Version >= 5.16 < 5.19.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.054 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/faafa2a87f697ee537c29446097e1cc3143506fa
https://git.kernel.org/stable/c/d3723eab11196475ef83279571b2b0bd0924cf82
https://git.kernel.org/stable/c/18e383afbd7047af7b055df6e25436e0ce28f8a5
https://git.kernel.org/stable/c/7a542bee27c6a57e45c33cbbdc963325fd6493af