CVE-2022-50667

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()

If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7a7a933edd6c3a6d5d64e08093f2d564104cefcd < b47a37ad4a444d82f9caf153a79d090b79786ebbaffected
LinuxLinux7a7a933edd6c3a6d5d64e08093f2d564104cefcd < 6ad40bbb2c25f17b899fcea114ebc0a46d8a938baffected
LinuxLinux7a7a933edd6c3a6d5d64e08093f2d564104cefcd < 53066b144715332ce9370143c33c50d9a4d3e809affected
LinuxLinux7a7a933edd6c3a6d5d64e08093f2d564104cefcd < a40c7f61d12fbd1e785e59140b9efd57127c0c33affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.75 <= 5.15.*unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References