CVE-2022-50446Missing Release of Memory after Effective Lifetime in Linux

CWE-401Missing Release of Memory after Effective Lifetime5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 98.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 1

Description

In the Linux kernel, the following vulnerability has been resolved: ARC: mm: fix leakage of memory allocated for PTE Since commit d9820ff ("ARC: mm: switch pgtable_t back to struct page *") a memory leakage problem occurs. Memory allocated for page table entries not released during process termination. This issue can be reproduced by a small program that allocates a large amount of memory. After several runs, you'll see that the amount of free memory has reduced and will continue to reduce aft

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel5.155.15.77+2
Debianlinux/linux_kernel< 6.0.7-1+2
CVEListV5linux/linuxd9820ff76f95fa26d33e412254a89cd65b23142d14009ada5712649589ab4ad0441b811780ea8773+3
debiandebian/linux< linux 6.0.7-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-wpvw-hhw9-p3qj: In the Linux kernel, the following vulnerability has been resolved: ARC: mm: fix leakage of memory allocated for PTE Since commit d9820ff ("ARC: mm:2025-10-01
OSV
CVE-2022-50446: In the Linux kernel, the following vulnerability has been resolved: ARC: mm: fix leakage of memory allocated for PTE Since commit d9820ff ("ARC: mm: s2025-10-01

📋Vendor Advisories

2
Red Hat
kernel: ARC: mm: fix leakage of memory allocated for PTE2025-10-01
Debian
CVE-2022-50446: linux - In the Linux kernel, the following vulnerability has been resolved: ARC: mm: fi...2022