We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2022-49938

cifs: fix small mempool leak in SMB2_negotiate()



Description

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2_negotiate() In some cases of failure (dialect mismatches) in SMB2_negotiate(), after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to neg_exit to free the response buffer from mempool.

Reserved 2025-05-01 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 9e3c9efa7caf16e5acc05eab5e4d0a714e1610b0
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 38a6b469bf22f153282fbe7d702a24e9eb43f50e
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 27893dfc1285f80f80f46b3b8c95f5d15d2e66d0
affected

Default status
affected

5.15.66
unaffected

5.19.8
unaffected

6.0
unaffected

References

git.kernel.org/...c/9e3c9efa7caf16e5acc05eab5e4d0a714e1610b0

git.kernel.org/...c/38a6b469bf22f153282fbe7d702a24e9eb43f50e

git.kernel.org/...c/27893dfc1285f80f80f46b3b8c95f5d15d2e66d0

cve.org (CVE-2022-49938)

nvd.nist.gov (CVE-2022-49938)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2022-49938

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.