fkie_cve-2022-50269
Vulnerability from fkie_nvd
Published
2025-09-15 15:15
Modified
2025-09-15 15:22
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkms_init() A memory leak was reported after the vkms module install failed. unreferenced object 0xffff88810bc28520 (size 16): comm "modprobe", pid 9662, jiffies 4298009455 (age 42.590s) hex dump (first 16 bytes): 01 01 00 64 81 88 ff ff 00 00 dc 0a 81 88 ff ff ...d............ backtrace: [<00000000e7561ff8>] kmalloc_trace+0x27/0x60 [<000000000b1954a0>] 0xffffffffc45200a9 [<00000000abbf1da0>] do_one_initcall+0xd0/0x4f0 [<000000001505ee87>] do_init_module+0x1a4/0x680 [<00000000958079ad>] load_module+0x6249/0x7110 [<00000000117e4696>] __do_sys_finit_module+0x140/0x200 [<00000000f74b12d2>] do_syscall_64+0x35/0x80 [<000000008fc6fcde>] entry_SYSCALL_64_after_hwframe+0x46/0xb0 The reason is that the vkms_init() returns without checking the return value of vkms_create(), and if the vkms_create() failed, the config allocated at the beginning of vkms_init() is leaked. vkms_init() config = kmalloc(...) # config allocated ... return vkms_create() # vkms_create failed and config is leaked Fix this problem by checking return value of vkms_create() and free the config if error happened.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/07ab77154d6fd2d67e465ab5ce30083709950f02
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0d0b368b9d104b437e1f4850ae94bdb9a3601e89
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bad13de764888b765ceaa4668893b52bd16653cc
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bebd60ec3bf21062f103e32e6203c6daabdbd51b
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Fix memory leak in vkms_init()\n\nA memory leak was reported after the vkms module install failed.\n\nunreferenced object 0xffff88810bc28520 (size 16):\n  comm \"modprobe\", pid 9662, jiffies 4298009455 (age 42.590s)\n  hex dump (first 16 bytes):\n    01 01 00 64 81 88 ff ff 00 00 dc 0a 81 88 ff ff  ...d............\n  backtrace:\n    [\u003c00000000e7561ff8\u003e] kmalloc_trace+0x27/0x60\n    [\u003c000000000b1954a0\u003e] 0xffffffffc45200a9\n    [\u003c00000000abbf1da0\u003e] do_one_initcall+0xd0/0x4f0\n    [\u003c000000001505ee87\u003e] do_init_module+0x1a4/0x680\n    [\u003c00000000958079ad\u003e] load_module+0x6249/0x7110\n    [\u003c00000000117e4696\u003e] __do_sys_finit_module+0x140/0x200\n    [\u003c00000000f74b12d2\u003e] do_syscall_64+0x35/0x80\n    [\u003c000000008fc6fcde\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe reason is that the vkms_init() returns without checking the return\nvalue of vkms_create(), and if the vkms_create() failed, the config\nallocated at the beginning of vkms_init() is leaked.\n\n vkms_init()\n   config = kmalloc(...) # config allocated\n   ...\n   return vkms_create() # vkms_create failed and config is leaked\n\nFix this problem by checking return value of vkms_create() and free the\nconfig if error happened."
    }
  ],
  "id": "CVE-2022-50269",
  "lastModified": "2025-09-15T15:22:27.090",
  "metrics": {},
  "published": "2025-09-15T15:15:37.707",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/07ab77154d6fd2d67e465ab5ce30083709950f02"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/0d0b368b9d104b437e1f4850ae94bdb9a3601e89"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/bad13de764888b765ceaa4668893b52bd16653cc"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/bebd60ec3bf21062f103e32e6203c6daabdbd51b"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.