-
CVE-2022-50466
- EPSS 0.02%
- Veröffentlicht 01.10.2025 12:15:40
- Zuletzt bearbeitet 02.10.2025 19:12:17
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- Teams Watchlist Login
- Unerledigt Login
In the Linux kernel, the following vulnerability has been resolved:
fs/binfmt_elf: Fix memory leak in load_elf_binary()
There is a memory leak reported by kmemleak:
unreferenced object 0xffff88817104ef80 (size 224):
comm "xfs_admin", pid 47165, jiffies 4298708825 (age 1333.476s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
60 a8 b3 00 81 88 ff ff a8 10 5a 00 81 88 ff ff `.........Z.....
backtrace:
[<ffffffff819171e1>] __alloc_file+0x21/0x250
[<ffffffff81918061>] alloc_empty_file+0x41/0xf0
[<ffffffff81948cda>] path_openat+0xea/0x3d30
[<ffffffff8194ec89>] do_filp_open+0x1b9/0x290
[<ffffffff8192660e>] do_open_execat+0xce/0x5b0
[<ffffffff81926b17>] open_exec+0x27/0x50
[<ffffffff81a69250>] load_elf_binary+0x510/0x3ed0
[<ffffffff81927759>] bprm_execve+0x599/0x1240
[<ffffffff8192a997>] do_execveat_common.isra.0+0x4c7/0x680
[<ffffffff8192b078>] __x64_sys_execve+0x88/0xb0
[<ffffffff83bbf0a5>] do_syscall_64+0x35/0x80
If "interp_elf_ex" fails to allocate memory in load_elf_binary(),
the program will take the "out_free_ph" error handing path,
resulting in "interpreter" file resource is not released.
Fix it by adding an error handing path "out_free_file", which will
release the file resource when "interp_elf_ex" failed to allocate
memory.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
706215300411d48db6b51a5832b872632a84bbc1
Version
0693ffebcfe5ac7b31f63ad54587007f7d96fb7b
Status
affected
Version <
265b6fb780f57d10449a40e94219b28fa52479cc
Version
0693ffebcfe5ac7b31f63ad54587007f7d96fb7b
Status
affected
Version <
acd9b4914f1c5928c7ae8ebc623d6291eb1a573a
Version
0693ffebcfe5ac7b31f63ad54587007f7d96fb7b
Status
affected
Version <
594d2a14f2168c09b13b114c3d457aa939403e52
Version
0693ffebcfe5ac7b31f63ad54587007f7d96fb7b
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.7
Status
affected
Version <
5.7
Version
0
Status
unaffected
Version <=
5.10.*
Version
5.10.153
Status
unaffected
Version <=
5.15.*
Version
5.15.77
Status
unaffected
Version <=
6.0.*
Version
6.0.7
Status
unaffected
Version <=
*
Version
6.1
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.048 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|