CVE-2022-50342Missing Release of Memory after Effective Lifetime in Linux

CWE-401Missing Release of Memory after Effective LifetimeCWE-772Missing Release of Resource after Effective Lifetime5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 16

Description

In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy_alloc_disk() failed in do_floppy_init(). unreferenced object 0xffff888115ed25a0 (size 8): comm "modprobe", pid 727, jiffies 4295051278 (age 25.529s) hex dump (first 8 bytes): 00 ac 67 5b 81 88 ff ff ..g[.... backtrace: [] __kmalloc_node+0x4c/0xc0 [] blk_mq_realloc_tag_set_tags.part.0+0x6f/0x180 [] blk_mq_alloc_tag_set+0x573/0x1130 [] 0xffffffff

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel5.115.15.86+2
Debianlinux/linux_kernel< 6.1.4-1+2
CVEListV5linux/linux302cfee150291c6cd85b1ca197d062d0b423d09cf36d8c8651506aea5f09899f5356ece5d1384f50+4
debiandebian/linux< linux 6.1.4-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-86r4-3x7h-8gh4: In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when flop2025-09-16
OSV
CVE-2022-50342: In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy2025-09-16

📋Vendor Advisories

2
Red Hat
kernel: floppy: Fix memory leak in do_floppy_init()2025-09-16
Debian
CVE-2022-50342: linux - In the Linux kernel, the following vulnerability has been resolved: floppy: Fix...2022
CVE-2022-50342 — Linux vulnerability | cvebase