DEBIAN-CVE-2022-50639
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50639
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50639.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-50639
- Upstream
- Published
- 2025-12-09T01:16:46.280Z
- Modified
- 2025-12-10T11:16:17.877467Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'io_wqe' struct of the current node doesn't get freed on the error handling path, since it has not yet been added to the 'wqes' array. This was spotted when fuzzing v6.1-rc1 with Syzkaller: BUG: memory leak unreferenced object 0xffff8880093d5000 (size 1024): comm "syz-executor.2", pid 7701, jiffies 4295048595 (age 13.900s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000cb463369>] __kmemcacheallocnode+0x18e/0x720 [<00000000147a3f9c>] kmallocnodetrace+0x2a/0x130 [<000000004e107011>] iowqcreate+0x7b9/0xdc0 [<00000000c38b2018>] iouringalloctask_context+0x31e/0x59d [<00000000867399da>] __iouringaddtctxnode.cold+0x19/0x1ba [<000000007e0e7a79>] iouringsetup.cold+0x1b80/0x1dce [<00000000b545e9f6>] __x64sysiouringsetup+0x5d/0x80 [<000000008a8a7508>] dosyscall64+0x5d/0x90 [<000000004ac08bec>] entrySYSCALL64afterhwframe+0x63/0xcd
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source