CVE-2022-50395

Summary

In the Linux kernel, the following vulnerability has been resolved:

integrity: Fix memory leakage in keyring allocation error path

Key restriction is allocated in integrity_init_keyring(). However, if keyring allocation failed, it is not freed, causing memory leaks.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2b6aa412ff23a02ac777ad307249c60a839cfd25 < 9b7c44885a07c5ee7f9bf3aa3c9c72fb110c8d22affected
LinuxLinux2b6aa412ff23a02ac777ad307249c60a839cfd25 < 3bd737289c26be3cee4b9afaf61ef784a2af9d6eaffected
LinuxLinux2b6aa412ff23a02ac777ad307249c60a839cfd25 < 29d6c69ba4b96a1de0376e44e5f8b38b13ec8803affected
LinuxLinux2b6aa412ff23a02ac777ad307249c60a839cfd25 < 57e49ad12f8f5df0c48e1710c54b147a05a10c32affected
LinuxLinux2b6aa412ff23a02ac777ad307249c60a839cfd25 < c591c48842f08d30ec6b8416757831985ed9a315affected
LinuxLinux2b6aa412ff23a02ac777ad307249c60a839cfd25 < 39419ef7af0916cc3620ecf1ed42d29659109bf3affected
LinuxLinux4.12affected
LinuxLinux0 < 4.12unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References