CVE-2022-50743

NONE EPSS 9.7%
Published Dec 24, 20256mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 24, 2025 6mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: erofs: Fix pcluster memleak when its block address is zero syzkaller reported a memleak: https://syzkaller.appspot.com/bug?id=62f37ff612f0021641eda5b17f056f1668aa9aed unreferenced object 0xffff88811009c7f8 (size 136): ... backtrace: [<ffffffff821db19b>] z_erofs_do_read_page+0x99b/0x1740 [<ffffffff821dee9e>] z_erofs_readahead+0x24e/0x580 [<ffffffff814bc0d6>] read_pages+0x86/0x3d0 ... syzkaller constructed a case: in z_erofs_register_pcluster(), ztailpacking = false and map->m_pa = zero. This makes pcl->obj.index be zero although pcl is not a inline pcluster. Then following path adds refcount for grp, but the refcount won't be put because pcl is inline. z_erofs_readahead() z_erofs_do_read_page() # for another page z_erofs_collector_begin() erofs_find_workgroup() erofs_workgroup_get() Since it's illegal for the block address of a non-inlined pcluster to be zero, add check here to avoid registering the pcluster which would be leaked.

Threat Intelligence

EPSS Exploit Probability
9.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 3

  • git.kernel.org https://git.kernel.org/stable/c/618e712b99c78d1004b70a1a9ab0a4830d0b2673
  • git.kernel.org https://git.kernel.org/stable/c/ac54c1f7b288d83b6ba1e320efff24ecc21309cd
  • git.kernel.org https://git.kernel.org/stable/c/c42c0ffe81176940bd5dead474216b7198d77675

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.