CVE-2022-50007 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in __xfrm_policy_check() The issue happens on an error path in __xfrm_policy_check(). When the fetching process of the object `pols[1]` fails, the function simply returns 0, forgetting to decrement the reference count of `pols[0]`, which is incremented earlier by either xfrm_sk_policy_lookup() or xfrm_policy_lookup(). This may result in memory leaks. Fix it by decreasing the reference count of `pols[0]` in that path.

Reserved 2025-06-18 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status

unaffected

134b0fc544ba062498451611cb6f3e4454221b3d before 18e6b6e2555c93f5ca09f2b85ef1fa025c8accea

affected

134b0fc544ba062498451611cb6f3e4454221b3d before 8f94b933103ee1bda119543369cc18a1be5536db

affected

134b0fc544ba062498451611cb6f3e4454221b3d before 0769491a8acd3e85ca4c3f65080eac2c824262df

affected

134b0fc544ba062498451611cb6f3e4454221b3d before 63da7a2bbf3f28094920e0b8a17d2571a9bd842d

affected

134b0fc544ba062498451611cb6f3e4454221b3d before 1305d7d4f35ca6f214a2d23b075aa6a924cff3be

affected

134b0fc544ba062498451611cb6f3e4454221b3d before 26ad2398fe4984f4f6f930bcb3bc9047fa77265b

affected

134b0fc544ba062498451611cb6f3e4454221b3d before d66c052879791313f90c0584420f196a038fb8b8

affected

134b0fc544ba062498451611cb6f3e4454221b3d before 9c9cb23e00ddf45679b21b4dacc11d1ae7961ebe

affected

Default status

affected

2.6.19

affected

Any version before 2.6.19

unaffected

4.9.327

unaffected

4.14.292

unaffected

4.19.257

unaffected

5.4.212

unaffected

5.10.140

unaffected

5.15.64

unaffected

5.19.6

unaffected

6.0

unaffected

References

git.kernel.org/...c/18e6b6e2555c93f5ca09f2b85ef1fa025c8accea

git.kernel.org/...c/8f94b933103ee1bda119543369cc18a1be5536db

git.kernel.org/...c/0769491a8acd3e85ca4c3f65080eac2c824262df

git.kernel.org/...c/63da7a2bbf3f28094920e0b8a17d2571a9bd842d

git.kernel.org/...c/1305d7d4f35ca6f214a2d23b075aa6a924cff3be

git.kernel.org/...c/26ad2398fe4984f4f6f930bcb3bc9047fa77265b

git.kernel.org/...c/d66c052879791313f90c0584420f196a038fb8b8

git.kernel.org/...c/9c9cb23e00ddf45679b21b4dacc11d1ae7961ebe

cve.org (CVE-2022-50007)

nvd.nist.gov (CVE-2022-50007)

Download JSON