CVE-2022-50342
- Source
- https://cve.org/CVERecord?id=CVE-2022-50342
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50342.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-50342
- Downstream
- Related
- Published
- 2025-09-16T16:11:21.665Z
- Modified
- 2026-03-11T10:58:48.084796Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- floppy: Fix memory leak in do_floppy_init()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
floppy: Fix memory leak in dofloppyinit()
A memory leak was reported when floppyallocdisk() failed in dofloppyinit().
unreferenced object 0xffff888115ed25a0 (size 8): comm "modprobe", pid 727, jiffies 4295051278 (age 25.529s) hex dump (first 8 bytes): 00 ac 67 5b 81 88 ff ff ..g[.... backtrace: [<000000007f457abb>] __kmallocnode+0x4c/0xc0 [<00000000a87bfa9e>] blkmq_realloctagsettags.part.0+0x6f/0x180 [<000000006f02e8b1>] blkmqalloctagset+0x573/0x1130 [<0000000066007fd7>] 0xffffffffc06b8b08 [<0000000081f5ac40>] dooneinitcall+0xd0/0x4f0 [<00000000e26d04ee>] doinitmodule+0x1a4/0x680 [<000000001bb22407>] loadmodule+0x6249/0x7110 [<00000000ad31ac4d>] __dosysfinit_module+0x140/0x200 [<000000007bddca46>] dosyscall64+0x35/0x80 [<00000000b5afec39>] entrySYSCALL64afterhwframe+0x46/0xb0 unreferenced object 0xffff88810fc30540 (size 32): comm "modprobe", pid 727, jiffies 4295051278 (age 25.529s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000007f457abb>] __kmallocnode+0x4c/0xc0 [<000000006b91eab4>] blkmqalloctagset+0x393/0x1130 [<0000000066007fd7>] 0xffffffffc06b8b08 [<0000000081f5ac40>] dooneinitcall+0xd0/0x4f0 [<00000000e26d04ee>] doinitmodule+0x1a4/0x680 [<000000001bb22407>] loadmodule+0x6249/0x7110 [<00000000ad31ac4d>] _dosysfinitmodule+0x140/0x200 [<000000007bddca46>] dosyscall64+0x35/0x80 [<00000000b5afec39>] entrySYSCALL64afterhwframe+0x46/0xb0
If the floppyallocdisk() failed, disks of current drive will not be set, thus the lastest allocated set->tag cannot be freed in the error handling path. A simple call graph shown as below:
floppymoduleinit() floppyinit() dofloppyinit() for (drive = 0; drive < NDRIVE; drive++) blkmqalloctagset() blkmqalloctagsettags() blkmqrealloctagsettags() # set->tag allocated floppyallocdisk() blkmqalloc_disk() # error occurred, disks failed to allocated
->out_put_disk: for (drive = 0; drive < N_DRIVE; drive++) if (!disks[drive][0]) # the last disks is not set and loop break break; blk_mq_free_tag_set() # the latest allocated set->tag leakedFix this problem by free the set->tag of current drive before jump to error handling path.
[efremov: added stable list, changed title]
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50342.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/55b3c66a0d441cd37154ae95e44d0b82ccfd580e
- https://git.kernel.org/stable/c/75d8c8851a4da0190c2480e84315b5fd3d0356c5
- https://git.kernel.org/stable/c/f36d8c8651506aea5f09899f5356ece5d1384f50
- https://git.kernel.org/stable/c/f8ace2e304c5dd8a7328db9cd2b8a4b1b98d83ec
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50342.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-50342
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced302cfee150291c6cd85b1ca197d062d0b423d09cFixedf36d8c8651506aea5f09899f5356ece5d1384f50Fixed75d8c8851a4da0190c2480e84315b5fd3d0356c5Fixed55b3c66a0d441cd37154ae95e44d0b82ccfd580eFixedf8ace2e304c5dd8a7328db9cd2b8a4b1b98d83ec
Affected versions
v5.*
v6.*
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50342.json"
vanir_signatures
[
{
"deprecated": false,
"signature_type": "Line",
"digest": {
"line_hashes": [
"67848557447942636291193858229372977125",
"115959486394345030792438457967964851272",
"97809557335104574017849962875971403372",
"258667378882176373524977509586121696471",
"172404939029695379938738331184128591693"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f8ace2e304c5dd8a7328db9cd2b8a4b1b98d83ec",
"id": "CVE-2022-50342-019b2f37",
"signature_version": "v1",
"target": {
"file": "drivers/block/floppy.c"
}
},
{
"deprecated": false,
"signature_type": "Function",
"digest": {
"function_hash": "95036006152951452699034620765678175886",
"length": 4539.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55b3c66a0d441cd37154ae95e44d0b82ccfd580e",
"id": "CVE-2022-50342-5d0ea130",
"signature_version": "v1",
"target": {
"function": "do_floppy_init",
"file": "drivers/block/floppy.c"
}
},
{
"deprecated": false,
"signature_type": "Function",
"digest": {
"function_hash": "95036006152951452699034620765678175886",
"length": 4539.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f8ace2e304c5dd8a7328db9cd2b8a4b1b98d83ec",
"id": "CVE-2022-50342-801d746f",
"signature_version": "v1",
"target": {
"function": "do_floppy_init",
"file": "drivers/block/floppy.c"
}
},
{
"deprecated": false,
"signature_type": "Line",
"digest": {
"line_hashes": [
"67848557447942636291193858229372977125",
"115959486394345030792438457967964851272",
"97809557335104574017849962875971403372",
"258667378882176373524977509586121696471",
"172404939029695379938738331184128591693"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55b3c66a0d441cd37154ae95e44d0b82ccfd580e",
"id": "CVE-2022-50342-cb93ed4d",
"signature_version": "v1",
"target": {
"file": "drivers/block/floppy.c"
}
}
]