CVE-2022-50376
- Source
- https://cve.org/CVERecord?id=CVE-2022-50376
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50376.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-50376
- Downstream
- Related
- Published
- 2025-09-18T13:32:59.110Z
- Modified
- 2026-04-02T08:28:27.902111Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
orangefs: Fix kmemleak in orangefs_{kernel,client}debuginit()
When insert and remove the orangefs module, there are memory leaked as below:
unreferenced object 0xffff88816b0cc000 (size 2048): comm "insmod", pid 783, jiffies 4294813439 (age 65.512s) hex dump (first 32 bytes): 6e 6f 6e 65 0a 00 00 00 00 00 00 00 00 00 00 00 none............ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<0000000031ab7788>] kmalloctrace+0x27/0xa0 [<000000005b405fee>] orangefsdebugfsinit.cold+0xaf/0x17f [<00000000e5a0085b>] 0xffffffffa02780f9 [<000000004232d9f7>] dooneinitcall+0x87/0x2a0 [<0000000054f22384>] doinitmodule+0xdf/0x320 [<000000003263bdea>] loadmodule+0x2f98/0x3330 [<0000000052cd4153>] _dosysfinitmodule+0x113/0x1b0 [<00000000250ae02b>] dosyscall64+0x35/0x80 [<00000000f11c03c7>] entrySYSCALL64afterhwframe+0x46/0xb0
Use the golbal variable as the buffer rather than dynamic allocate to slove the problem.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50376.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/0cd303aad220fafa595e0ed593e99aa51b90412b
- https://git.kernel.org/stable/c/31720a2b109b3080eb77e97b8f6f50a27b4ae599
- https://git.kernel.org/stable/c/786e5296f9e3b045d5ff9098514ce7b8ba1d890d
- https://git.kernel.org/stable/c/a076490b0211990ec6764328c22cb744dd782bd9
- https://git.kernel.org/stable/c/bdc2d33fa2324b1f5ab5b701cda45ee0b2384409
- https://git.kernel.org/stable/c/c8853267289c55b1acbe4dc3641374887584834d
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50376.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-50376
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf7ab093f74bf638ed98fd1115f3efa17e308bb7fFixedbdc2d33fa2324b1f5ab5b701cda45ee0b2384409Fixeda076490b0211990ec6764328c22cb744dd782bd9Fixedc8853267289c55b1acbe4dc3641374887584834dFixed786e5296f9e3b045d5ff9098514ce7b8ba1d890dFixed0cd303aad220fafa595e0ed593e99aa51b90412bFixed31720a2b109b3080eb77e97b8f6f50a27b4ae599