5.5
CVE-2022-50289
- EPSS 0.15%
- Veröffentlicht 15.09.2025 14:21:25
- Zuletzt bearbeitet 03.12.2025 19:26:03
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ocfs2: fix memory leak in ocfs2_stack_glue_init()
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: fix memory leak in ocfs2_stack_glue_init()
ocfs2_table_header should be free in ocfs2_stack_glue_init() if
ocfs2_sysfs_init() failed, otherwise kmemleak will report memleak.
BUG: memory leak
unreferenced object 0xffff88810eeb5800 (size 128):
comm "modprobe", pid 4507, jiffies 4296182506 (age 55.888s)
hex dump (first 32 bytes):
c0 40 14 a0 ff ff ff ff 00 00 00 00 01 00 00 00 .@..............
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<000000001e59e1cd>] __register_sysctl_table+0xca/0xef0
[<00000000c04f70f7>] 0xffffffffa0050037
[<000000001bd12912>] do_one_initcall+0xdb/0x480
[<0000000064f766c9>] do_init_module+0x1cf/0x680
[<000000002ba52db0>] load_module+0x6441/0x6f20
[<000000009772580d>] __do_sys_finit_module+0x12f/0x1c0
[<00000000380c1f22>] do_syscall_64+0x3f/0x90
[<000000004cf473bc>] entry_SYSCALL_64_after_hwframe+0x63/0xcdDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.27 < 4.9.337
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.303
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.270
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.229
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.163
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.86
Linux ≫ Linux Kernel Version >= 5.16 < 6.0.16
Linux ≫ Linux Kernel Version >= 6.1 < 6.1.2
Linux ≫ Linux Kernel Version2.6.26 Update-
Linux ≫ Linux Kernel Version2.6.26 Updaterc7
Linux ≫ Linux Kernel Version2.6.26 Updaterc8
Linux ≫ Linux Kernel Version2.6.26 Updaterc9
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.044 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/0000281f019111526f7abccc61f2746d2eb626ca
https://git.kernel.org/stable/c/802abe2bc654e87334e6a0ab6c1adc2b6d5f6394
https://git.kernel.org/stable/c/b0822faebd79971617abd495beb2d6f5356b88bf
https://git.kernel.org/stable/c/7c8bf45cea9c8d6fb3e14d8cd5ae60e0372f39b7
https://git.kernel.org/stable/c/f5f2682d3a34dd8350bf63f232d885fd95f25b92
https://git.kernel.org/stable/c/61d68cf2ba79128c48d4b3fa4d10c34dc18ba572
https://git.kernel.org/stable/c/6f6c13776cbee4b6a515f4cd3b859f046be4f6f9
https://git.kernel.org/stable/c/0b2128b70849f2728949babfc1c760096ef72f5d
https://git.kernel.org/stable/c/13b6269dd022aaa69ca8d1df374ab327504121cf