CVE-2022-49822

MEDIUM EPSS 5.6%
Published May 1, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 1, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix connections leak when tlink setup failed If the tlink setup failed, lost to put the connections, then the module refcnt leak since the cifsd kthread not exit. Also leak the fscache info, and for next mount with fsc, it will print the follow errors: CIFS: Cache volume key already in use (cifs,127.0.0.1:445,TEST) Let's check the result of tlink setup, and do some cleanup.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
5.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥5.0  –  <5.15.81
linuxlinux_kernel*≥5.16  –  <6.0.10
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any

References 4

  • git.kernel.org https://git.kernel.org/stable/c/0a087842d10b5daa123ee5291e386cdd78413705
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1dcdf5f5b2137185cbdd5385f29949ab3da4f00c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/775d6625f96b26b90b9be9164b855ea2c471c0e5
  • git.kernel.org https://git.kernel.org/stable/c/a9059e338fc000c0b87d8cf29e93c74fd703212e
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0a087842d10b5daa123ee5291e386cdd78413705
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1dcdf5f5b2137185cbdd5385f29949ab3da4f00c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a9059e338fc000c0b87d8cf29e93c74fd703212e
    Patch