CVE-2022-50042

Description

In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies fails when recording non-first policy we need to unwind. netlink_policy_dump_add_policy() itself also needs fixing as it currently gives up on error without recording the allocated pointer in the pstate pointer.

Reserved 2025-06-18 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status
unaffected

50a896cf2d6f34e884a00139d6e6012c9833ace3 before 83411c9f05d5a8b637293b3389eca3d378197c04
affected

50a896cf2d6f34e884a00139d6e6012c9833ace3 before b0672895d8be5d19d4b05ac83f807026fc791037
affected

50a896cf2d6f34e884a00139d6e6012c9833ace3 before 26b6acd365823e99e46be3b27500f5dc235dda5e
affected

50a896cf2d6f34e884a00139d6e6012c9833ace3 before 249801360db3dec4f73768c502192020bfddeacc
affected

Default status
affected

5.10
affected

Any version before 5.10
unaffected

5.10.138
unaffected

5.15.63
unaffected

5.19.4
unaffected

6.0
unaffected

References

git.kernel.org/...c/83411c9f05d5a8b637293b3389eca3d378197c04

git.kernel.org/...c/b0672895d8be5d19d4b05ac83f807026fc791037

git.kernel.org/...c/26b6acd365823e99e46be3b27500f5dc235dda5e

git.kernel.org/...c/249801360db3dec4f73768c502192020bfddeacc

cve.org (CVE-2022-50042)

nvd.nist.gov (CVE-2022-50042)

Download JSON