-
CVE-2022-50577
- EPSS 0.03%
- Veröffentlicht 22.10.2025 13:23:30
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ima: Fix memory leak in __ima_inode_hash()
In the Linux kernel, the following vulnerability has been resolved:
ima: Fix memory leak in __ima_inode_hash()
Commit f3cc6b25dcc5 ("ima: always measure and audit files in policy") lets
measurement or audit happen even if the file digest cannot be calculated.
As a result, iint->ima_hash could have been allocated despite
ima_collect_measurement() returning an error.
Since ima_hash belongs to a temporary inode metadata structure, declared
at the beginning of __ima_inode_hash(), just add a kfree() call if
ima_collect_measurement() returns an error different from -ENOMEM (in that
case, ima_hash should not have been allocated).Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
280fe8367b0dc45b6ac5e04fad03e16e99540c0c
Version <
c4df8cb38f139ed9f4296868c0a6f15a26e8c491
Status
affected
Version
280fe8367b0dc45b6ac5e04fad03e16e99540c0c
Version <
f375bcf69f58fd0744c9dfd1b6b891a27301d67b
Status
affected
Version
280fe8367b0dc45b6ac5e04fad03e16e99540c0c
Version <
8c1d6a050a0f16e0a9d32eaf53b965c77279c6f8
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.18
Status
affected
Version
0
Version <
5.18
Status
unaffected
Version <=
6.0.*
Version
6.0.18
Status
unaffected
Version <=
6.1.*
Version
6.1.4
Status
unaffected
Version <=
*
Version
6.2
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.073 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|