CVE-2022-50140 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak 'erased_blocks_bitmap' is never freed. As it is allocated at the same time as 'used_blocks_bitmap', it is likely that it should be freed also at the same time. Add the corresponding bitmap_free() in msb_data_clear().

Reserved 2025-06-18 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status

unaffected

0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 before efd675246aec045507b9425c67b548cc2d782d8f

affected

0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 before 37958980eb4cd71ae594ace093c11b6a91e165e8

affected

0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 before 9d8b911fe3c3ed788c66edba7c90e32a4a7a5f53

affected

0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 before 9260a154b3b5e387dbceec7c0ac441470646bc6f

affected

0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 before 961d7d12080fe70847f944d656e36cd0dd0214ba

affected

0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 before 16e07966638717416abf45393d6a80a5a1034429

affected

0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 before 39be95d1ff7b44c1e969af72ba9da7332dfcc1da

affected

0ab30494bc4f3bc1ea4659b7c5d97c5218554a63 before 54eb7a55be6779c4d0c25eaf5056498a28595049

affected

Default status

affected

3.12

affected

Any version before 3.12

unaffected

4.14.291

unaffected

4.19.256

unaffected

5.4.211

unaffected

5.10.137

unaffected

5.15.61

unaffected

5.18.18

unaffected

5.19.2

unaffected

6.0

unaffected

References

git.kernel.org/...c/efd675246aec045507b9425c67b548cc2d782d8f

git.kernel.org/...c/37958980eb4cd71ae594ace093c11b6a91e165e8

git.kernel.org/...c/9d8b911fe3c3ed788c66edba7c90e32a4a7a5f53

git.kernel.org/...c/9260a154b3b5e387dbceec7c0ac441470646bc6f

git.kernel.org/...c/961d7d12080fe70847f944d656e36cd0dd0214ba

git.kernel.org/...c/16e07966638717416abf45393d6a80a5a1034429

git.kernel.org/...c/39be95d1ff7b44c1e969af72ba9da7332dfcc1da

git.kernel.org/...c/54eb7a55be6779c4d0c25eaf5056498a28595049

cve.org (CVE-2022-50140)

nvd.nist.gov (CVE-2022-50140)

Download JSON