DEBIAN-CVE-2022-50743
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50743
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50743.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-50743
- Upstream
- Published
- 2025-12-24T13:16:01.020Z
- Modified
- 2025-12-25T11:11:29.805242Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 (size 136): ... backtrace: [<ffffffff821db19b>] zerofsdoreadpage+0x99b/0x1740 [<ffffffff821dee9e>] zerofsreadahead+0x24e/0x580 [<ffffffff814bc0d6>] readpages+0x86/0x3d0 ... syzkaller constructed a case: in zerofsregisterpcluster(), ztailpacking = false and map->mpa = zero. This makes pcl->obj.index be zero although pcl is not a inline pcluster. Then following path adds refcount for grp, but the refcount won't be put because pcl is inline. zerofsreadahead() zerofsdoreadpage() # for another page zerofscollectorbegin() erofsfindworkgroup() erofsworkgroupget() Since it's illegal for the block address of a non-inlined pcluster to be zero, add check here to avoid registering the pcluster which would be leaked.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source