5.5
CVE-2022-50074
- EPSS 0.16%
- Veröffentlicht 18.06.2025 11:02:18
- Zuletzt bearbeitet 17.11.2025 19:31:52
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
apparmor: Fix memleak in aa_simple_write_to_buffer()
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in aa_simple_write_to_buffer() When copy_from_user failed, the memory is freed by kvfree. however the management struct and data blob are allocated independently, so only kvfree(data) cause a memleak issue here. Use aa_put_loaddata(data) to fix this issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.17 < 4.19.256
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.211
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.138
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.63
Linux ≫ Linux Kernel Version >= 5.16 < 5.19.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.055 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/6500eb3a48ac221051b1791818a1ac74744ef617
https://git.kernel.org/stable/c/7db182a2ebeefded86fea542fcc5d6a68bb77f58
https://git.kernel.org/stable/c/8aab4295582eb397a125d2788b829fa62b88dbf7
https://git.kernel.org/stable/c/bf7ebebce2c25071c719fd8a2f1307e0c243c2d7
https://git.kernel.org/stable/c/6583edbf459de2e06b9759f264c0ae27e452b97a
https://git.kernel.org/stable/c/417ea9fe972d2654a268ad66e89c8fcae67017c3