DEBIAN-CVE-2022-50569
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50569
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50569.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-50569
- Upstream
- Published
- 2025-10-22T14:15:41.780Z
- Modified
- 2025-11-20T10:16:33.712044Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcompscratches with NULL when freed Currently if ipcompallocscratches() fails to allocate memory ipcompscratches holds obsolete address. So when we try to free the percpu scratches using ipcompfreescratches() it tries to vfree non existent vm area. Described below: static void * _percpu *ipcompallocscratches(void) { ... scratches = allocpercpu(void *); if (!scratches) return NULL; ipcompscratches does not know about this allocation failure. Therefore holding the old obsolete address. ... } So when we free, static void ipcompfreescratches(void) { ... scratches = ipcompscratches; Assigning obsolete address from ipcompscratches if (!scratches) return; foreachpossiblecpu(i) vfree(*percpuptr(scratches, i)); Trying to free non existent page, causing warning: trying to vfree existent vm area. ... } Fix this breakage by updating ipcomp_scrtches with NULL when scratches is freed
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.158-1
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source