CVE-2022-50707 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session() 'vc_ctrl_req' is alloced in virtio_crypto_alg_skcipher_close_session(), and should be freed in the invalid ctrl_status->status error handling case. Otherwise there is a memory leak.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status

unaffected

4ee475e76b5ea8061970a7c867ffa5eedeb39580 (git) before 79026a2d0a1b080257773d22a493f9bcab8c65be

affected

0756ad15b1fef287d4d8fa11bc36ea77a5c42e4a (git) before 67fb59ff1384e338679c0eb7a43c83ce8868c9fa

affected

0756ad15b1fef287d4d8fa11bc36ea77a5c42e4a (git) before 0871df190fe6723464efe0f493d476411616f553

affected

0756ad15b1fef287d4d8fa11bc36ea77a5c42e4a (git) before b1d65f717cd6305a396a8738e022c6f7c65cfbe8

affected

Default status

affected

5.19

affected

Any version before 5.19

unaffected

6.0.19 (semver)

unaffected

6.1.5 (semver)

unaffected

6.2 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/79026a2d0a1b080257773d22a493f9bcab8c65be

git.kernel.org/...c/67fb59ff1384e338679c0eb7a43c83ce8868c9fa

git.kernel.org/...c/0871df190fe6723464efe0f493d476411616f553

git.kernel.org/...c/b1d65f717cd6305a396a8738e022c6f7c65cfbe8

cve.org (CVE-2022-50707)

nvd.nist.gov (CVE-2022-50707)

Download JSON