CVE-2022-50466

MEDIUM EPSS 4.3%
Published Oct 1, 20259mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 1, 2025 9mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: fs/binfmt_elf: Fix memory leak in load_elf_binary() There is a memory leak reported by kmemleak: unreferenced object 0xffff88817104ef80 (size 224): comm "xfs_admin", pid 47165, jiffies 4298708825 (age 1333.476s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 60 a8 b3 00 81 88 ff ff a8 10 5a 00 81 88 ff ff `.........Z..... backtrace: [<ffffffff819171e1>] __alloc_file+0x21/0x250 [<ffffffff81918061>] alloc_empty_file+0x41/0xf0 [<ffffffff81948cda>] path_openat+0xea/0x3d30 [<ffffffff8194ec89>] do_filp_open+0x1b9/0x290 [<ffffffff8192660e>] do_open_execat+0xce/0x5b0 [<ffffffff81926b17>] open_exec+0x27/0x50 [<ffffffff81a69250>] load_elf_binary+0x510/0x3ed0 [<ffffffff81927759>] bprm_execve+0x599/0x1240 [<ffffffff8192a997>] do_execveat_common.isra.0+0x4c7/0x680 [<ffffffff8192b078>] __x64_sys_execve+0x88/0xb0 [<ffffffff83bbf0a5>] do_syscall_64+0x35/0x80 If "interp_elf_ex" fails to allocate memory in load_elf_binary(), the program will take the "out_free_ph" error handing path, resulting in "interpreter" file resource is not released. Fix it by adding an error handing path "out_free_file", which will release the file resource when "interp_elf_ex" failed to allocate memory.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥5.7  –  <5.10.153
linuxlinux_kernel*≥5.11  –  <5.15.77
linuxlinux_kernel*≥5.16  –  <6.0.7
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any

References 4

  • git.kernel.org https://git.kernel.org/stable/c/265b6fb780f57d10449a40e94219b28fa52479cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/594d2a14f2168c09b13b114c3d457aa939403e52
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/706215300411d48db6b51a5832b872632a84bbc1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/acd9b4914f1c5928c7ae8ebc623d6291eb1a573a
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/265b6fb780f57d10449a40e94219b28fa52479cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/594d2a14f2168c09b13b114c3d457aa939403e52
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/706215300411d48db6b51a5832b872632a84bbc1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/acd9b4914f1c5928c7ae8ebc623d6291eb1a573a
    Patch