5.5
CVE-2022-50269
- EPSS 0.15%
- Veröffentlicht 15.09.2025 14:21:05
- Zuletzt bearbeitet 03.12.2025 18:17:11
- CVE-Watchlists
- Unerledigt
drm/vkms: Fix memory leak in vkms_init()
In the Linux kernel, the following vulnerability has been resolved:
drm/vkms: Fix memory leak in vkms_init()
A memory leak was reported after the vkms module install failed.
unreferenced object 0xffff88810bc28520 (size 16):
comm "modprobe", pid 9662, jiffies 4298009455 (age 42.590s)
hex dump (first 16 bytes):
01 01 00 64 81 88 ff ff 00 00 dc 0a 81 88 ff ff ...d............
backtrace:
[<00000000e7561ff8>] kmalloc_trace+0x27/0x60
[<000000000b1954a0>] 0xffffffffc45200a9
[<00000000abbf1da0>] do_one_initcall+0xd0/0x4f0
[<000000001505ee87>] do_init_module+0x1a4/0x680
[<00000000958079ad>] load_module+0x6249/0x7110
[<00000000117e4696>] __do_sys_finit_module+0x140/0x200
[<00000000f74b12d2>] do_syscall_64+0x35/0x80
[<000000008fc6fcde>] entry_SYSCALL_64_after_hwframe+0x46/0xb0
The reason is that the vkms_init() returns without checking the return
value of vkms_create(), and if the vkms_create() failed, the config
allocated at the beginning of vkms_init() is leaked.
vkms_init()
config = kmalloc(...) # config allocated
...
return vkms_create() # vkms_create failed and config is leaked
Fix this problem by checking return value of vkms_create() and free the
config if error happened.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.12 < 5.15.99
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.16
Linux ≫ Linux Kernel Version >= 6.2 < 6.2.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.041 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/bad13de764888b765ceaa4668893b52bd16653cc
https://git.kernel.org/stable/c/bebd60ec3bf21062f103e32e6203c6daabdbd51b
https://git.kernel.org/stable/c/07ab77154d6fd2d67e465ab5ce30083709950f02
https://git.kernel.org/stable/c/0d0b368b9d104b437e1f4850ae94bdb9a3601e89