CVE-2022-50076

EPSS 0.03%
Veröffentlicht 18.06.2025 11:02:19
Zuletzt bearbeitet 18.06.2025 13:47:40
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

cifs: Fix memory leak on the deferred close

xfstests on smb21 report kmemleak as below:

  unreferenced object 0xffff8881767d6200 (size 64):
    comm "xfs_io", pid 1284, jiffies 4294777434 (age 20.789s)
    hex dump (first 32 bytes):
      80 5a d0 11 81 88 ff ff 78 8a aa 63 81 88 ff ff  .Z......x..c....
      00 71 99 76 81 88 ff ff 00 00 00 00 00 00 00 00  .q.v............
    backtrace:
      [<00000000ad04e6ea>] cifs_close+0x92/0x2c0
      [<0000000028b93c82>] __fput+0xff/0x3f0
      [<00000000d8116851>] task_work_run+0x85/0xc0
      [<0000000027e14f9e>] do_exit+0x5e5/0x1240
      [<00000000fb492b95>] do_group_exit+0x58/0xe0
      [<00000000129a32d9>] __x64_sys_exit_group+0x28/0x30
      [<00000000e3f7d8e9>] do_syscall_64+0x35/0x80
      [<00000000102e8a0b>] entry_SYSCALL_64_after_hwframe+0x46/0xb0

When cancel the deferred close work, we should also cleanup the struct
cifs_deferred_close.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 860efae127888ae535bc4eda1b7f27642727c69e

Version 9e992755be8f2d458a0bcbefd19e493483c1dba2

Status affected

Version < 60b6d38add7b9c17d6e5d49ee8e930ea1a5650c5

Version 9e992755be8f2d458a0bcbefd19e493483c1dba2

Status affected

Version < ca08d0eac020d48a3141dbec0a3cf64fbdb17cde

Version 9e992755be8f2d458a0bcbefd19e493483c1dba2

Status affected

Version 0ca6ac8a2691762307beaa4841255d1cfe6b2684

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.14

Status affected

Version < 5.14

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.63

Status unaffected

Version <= 5.19.*

Version 5.19.4

Status unaffected

Version <= *

Version 6.0

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.051

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/860efae127888ae535bc4eda1b7f27642727c69e

https://git.kernel.org/stable/c/60b6d38add7b9c17d6e5d49ee8e930ea1a5650c5

https://git.kernel.org/stable/c/ca08d0eac020d48a3141dbec0a3cf64fbdb17cde

https://nvd.nist.gov/vuln/detail/CVE-2022-50076

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50076

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50076

EUVD