CVE-2022-50451

Source
https://cve.org/CVERecord?id=CVE-2022-50451
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50451.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-50451
Downstream
Published
2025-10-01T11:45:24.652Z
Modified
2026-07-08T07:33:44.140718162Z
Summary
fs/ntfs3: Fix memory leak on ntfs_fill_super() error path
Details

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Fix memory leak on ntfsfillsuper() error path

syzbot reported kmemleak as below:

BUG: memory leak unreferenced object 0xffff8880122f1540 (size 32): comm "a.out", pid 6664, jiffies 4294939771 (age 25.500s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 ed ff ed ff 00 00 00 00 ................ backtrace: [<ffffffff81b16052>] ntfsinitfscontext+0x22/0x1c0 [<ffffffff8164aaa7>] allocfscontext+0x217/0x430 [<ffffffff81626dd4>] pathmount+0x704/0x1080 [<ffffffff81627e7c>] __x64sysmount+0x18c/0x1d0 [<ffffffff84593e14>] dosyscall64+0x34/0xb0 [<ffffffff84600087>] entrySYSCALL64afterhwframe+0x63/0xcd

This patch fixes this issue by freeing mount options on error path of ntfsfillsuper().

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50451.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4534a70b7056fd4b9a1c6db5a4ce3c98546b291e
Fixed
2dd9ccfb06bcdad30ad92d96c3affa38a458679e
Fixed
ff0df7d9cdbb12878155168b5234e99029e5377f
Fixed
2600c80ea7b39f987c3fa89287e73d62e322bbbd
Fixed
51e76a232f8c037f1d9e9922edc25b003d5f3414

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50451.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
5.15.87
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.0.17
Type
ECOSYSTEM
Events
Introduced
6.1.0
Fixed
6.1.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50451.json"