CVE-2022-50451

EPSS 0.02%
Published 01.10.2025 12:15:38
Last modified 02.10.2025 19:12:17
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Fix memory leak on ntfs_fill_super() error path

syzbot reported kmemleak as below:

BUG: memory leak
unreferenced object 0xffff8880122f1540 (size 32):
  comm "a.out", pid 6664, jiffies 4294939771 (age 25.500s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 ed ff ed ff 00 00 00 00  ................
  backtrace:
    [<ffffffff81b16052>] ntfs_init_fs_context+0x22/0x1c0
    [<ffffffff8164aaa7>] alloc_fs_context+0x217/0x430
    [<ffffffff81626dd4>] path_mount+0x704/0x1080
    [<ffffffff81627e7c>] __x64_sys_mount+0x18c/0x1d0
    [<ffffffff84593e14>] do_syscall_64+0x34/0xb0
    [<ffffffff84600087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

This patch fixes this issue by freeing mount options on error path of
ntfs_fill_super().

Affected products Warnungen 0 Metrics 1 CWE 0 References 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 2dd9ccfb06bcdad30ad92d96c3affa38a458679e

Version 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e

Status affected

Version < ff0df7d9cdbb12878155168b5234e99029e5377f

Version 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e

Status affected

Version < 2600c80ea7b39f987c3fa89287e73d62e322bbbd

Version 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e

Status affected

Version < 51e76a232f8c037f1d9e9922edc25b003d5f3414

Version 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 5.15

Status affected

Version < 5.15

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.87

Status unaffected

Version <= 6.0.*

Version 6.0.17

Status unaffected

Version <= 6.1.*

Version 6.1.3

Status unaffected

Version <= *

Version 6.2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.048

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/2600c80ea7b39f987c3fa89287e73d62e322bbbd

https://git.kernel.org/stable/c/2dd9ccfb06bcdad30ad92d96c3affa38a458679e

https://git.kernel.org/stable/c/51e76a232f8c037f1d9e9922edc25b003d5f3414

https://git.kernel.org/stable/c/ff0df7d9cdbb12878155168b5234e99029e5377f

https://nvd.nist.gov/vuln/detail/CVE-2022-50451

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50451

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50451

EUVD