5.5
CVE-2022-50140
- EPSS 0.16%
- Veröffentlicht 18.06.2025 11:03:03
- Zuletzt bearbeitet 18.11.2025 02:56:32
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
memstick/ms_block: Fix a memory leak
In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak 'erased_blocks_bitmap' is never freed. As it is allocated at the same time as 'used_blocks_bitmap', it is likely that it should be freed also at the same time. Add the corresponding bitmap_free() in msb_data_clear().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.12 < 4.14.291
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.256
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.211
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.137
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.61
Linux ≫ Linux Kernel Version >= 5.16 < 5.18.18
Linux ≫ Linux Kernel Version >= 5.19 < 5.19.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.055 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/efd675246aec045507b9425c67b548cc2d782d8f
https://git.kernel.org/stable/c/37958980eb4cd71ae594ace093c11b6a91e165e8
https://git.kernel.org/stable/c/9d8b911fe3c3ed788c66edba7c90e32a4a7a5f53
https://git.kernel.org/stable/c/9260a154b3b5e387dbceec7c0ac441470646bc6f
https://git.kernel.org/stable/c/961d7d12080fe70847f944d656e36cd0dd0214ba
https://git.kernel.org/stable/c/16e07966638717416abf45393d6a80a5a1034429
https://git.kernel.org/stable/c/39be95d1ff7b44c1e969af72ba9da7332dfcc1da
https://git.kernel.org/stable/c/54eb7a55be6779c4d0c25eaf5056498a28595049