DEBIAN-CVE-2022-50269
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50269
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50269.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-50269
- Upstream
- Published
- 2025-09-15T15:15:37Z
- Modified
- 2025-09-25T03:23:40.785299Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkmsinit() A memory leak was reported after the vkms module install failed. unreferenced object 0xffff88810bc28520 (size 16): comm "modprobe", pid 9662, jiffies 4298009455 (age 42.590s) hex dump (first 16 bytes): 01 01 00 64 81 88 ff ff 00 00 dc 0a 81 88 ff ff ...d............ backtrace: [<00000000e7561ff8>] kmalloctrace+0x27/0x60 [<000000000b1954a0>] 0xffffffffc45200a9 [<00000000abbf1da0>] dooneinitcall+0xd0/0x4f0 [<000000001505ee87>] doinitmodule+0x1a4/0x680 [<00000000958079ad>] loadmodule+0x6249/0x7110 [<00000000117e4696>] _dosysfinitmodule+0x140/0x200 [<00000000f74b12d2>] dosyscall64+0x35/0x80 [<000000008fc6fcde>] entrySYSCALL64afterhwframe+0x46/0xb0 The reason is that the vkmsinit() returns without checking the return value of vkmscreate(), and if the vkmscreate() failed, the config allocated at the beginning of vkmsinit() is leaked. vkmsinit() config = kmalloc(...) # config allocated ... return vkmscreate() # vkmscreate failed and config is leaked Fix this problem by checking return value of vkms_create() and free the config if error happened.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source