5.5

CVE-2022-50289

ocfs2: fix memory leak in ocfs2_stack_glue_init()

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: fix memory leak in ocfs2_stack_glue_init()

ocfs2_table_header should be free in ocfs2_stack_glue_init() if
ocfs2_sysfs_init() failed, otherwise kmemleak will report memleak.

BUG: memory leak
unreferenced object 0xffff88810eeb5800 (size 128):
  comm "modprobe", pid 4507, jiffies 4296182506 (age 55.888s)
  hex dump (first 32 bytes):
    c0 40 14 a0 ff ff ff ff 00 00 00 00 01 00 00 00  .@..............
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000001e59e1cd>] __register_sysctl_table+0xca/0xef0
    [<00000000c04f70f7>] 0xffffffffa0050037
    [<000000001bd12912>] do_one_initcall+0xdb/0x480
    [<0000000064f766c9>] do_init_module+0x1cf/0x680
    [<000000002ba52db0>] load_module+0x6441/0x6f20
    [<000000009772580d>] __do_sys_finit_module+0x12f/0x1c0
    [<00000000380c1f22>] do_syscall_64+0x3f/0x90
    [<000000004cf473bc>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.27 < 4.9.337
LinuxLinux Kernel Version >= 4.10 < 4.14.303
LinuxLinux Kernel Version >= 4.15 < 4.19.270
LinuxLinux Kernel Version >= 4.20 < 5.4.229
LinuxLinux Kernel Version >= 5.5 < 5.10.163
LinuxLinux Kernel Version >= 5.11 < 5.15.86
LinuxLinux Kernel Version >= 5.16 < 6.0.16
LinuxLinux Kernel Version >= 6.1 < 6.1.2
LinuxLinux Kernel Version2.6.26 Update-
LinuxLinux Kernel Version2.6.26 Updaterc7
LinuxLinux Kernel Version2.6.26 Updaterc8
LinuxLinux Kernel Version2.6.26 Updaterc9
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.044
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/0000281f019111526f7abccc61f2746d2eb626ca
Patch
https://git.kernel.org/stable/c/802abe2bc654e87334e6a0ab6c1adc2b6d5f6394
Patch
https://git.kernel.org/stable/c/b0822faebd79971617abd495beb2d6f5356b88bf
Patch
https://git.kernel.org/stable/c/7c8bf45cea9c8d6fb3e14d8cd5ae60e0372f39b7
Patch
https://git.kernel.org/stable/c/f5f2682d3a34dd8350bf63f232d885fd95f25b92
Patch
https://git.kernel.org/stable/c/61d68cf2ba79128c48d4b3fa4d10c34dc18ba572
Patch
https://git.kernel.org/stable/c/6f6c13776cbee4b6a515f4cd3b859f046be4f6f9
Patch
https://git.kernel.org/stable/c/0b2128b70849f2728949babfc1c760096ef72f5d
Patch
https://git.kernel.org/stable/c/13b6269dd022aaa69ca8d1df374ab327504121cf
Patch