DEBIAN-CVE-2022-50639
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50639
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50639.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-50639
- Upstream
- Published
- 2025-12-09T01:16:46.280Z
- Modified
- 2025-12-10T11:16:17.877467Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'iowqe' struct of the current node doesn't get freed on the error handling path, since it has not yet been added to the 'wqes' array. This was spotted when fuzzing v6.1-rc1 with Syzkaller: BUG: memory leak unreferenced object 0xffff8880093d5000 (size 1024): comm "syz-executor.2", pid 7701, jiffies 4295048595 (age 13.900s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000cb463369>] _kmemcacheallocnode+0x18e/0x720 [<00000000147a3f9c>] kmallocnodetrace+0x2a/0x130 [<000000004e107011>] iowqcreate+0x7b9/0xdc0 [<00000000c38b2018>] iouringalloctaskcontext+0x31e/0x59d [<00000000867399da>] _iouringaddtctxnode.cold+0x19/0x1ba [<000000007e0e7a79>] iouringsetup.cold+0x1b80/0x1dce [<00000000b545e9f6>] _x64sysiouringsetup+0x5d/0x80 [<000000008a8a7508>] dosyscall64+0x5d/0x90 [<000000004ac08bec>] entrySYSCALL64after_hwframe+0x63/0xcd
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source