CVE-2022-50543Double Free in Linux

CWE-415Double FreeCWE-1341Multiple Releases of Same Resource or Handle5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 98.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 7

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr->map double free rxe_mr_cleanup() which tries to free mr->map again will be called when rxe_mr_init_user() fails: CPU: 0 PID: 4917 Comm: rdma_flush_serv Kdump: loaded Not tainted 6.1.0-rc1-roce-flush+ #25 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 Call Trace: dump_stack_lvl+0x45/0x5d panic+0x19e/0x349 end_report.part.0+0x54/0x7c kasan_r

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel5.19.46.0.16+1
Debianlinux/linux_kernel< 6.1.4-1+2
CVEListV5linux/linux1e75550648da1fa1cd1969e7597355de8fe8caf66ce577f09013206e36e674cd27da3707b2278268+4
debiandebian/linux< linux 6.1.4-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-rjw2-5698-2f3h: In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr->map double free rxe_mr_cleanup() which tries to free mr->map a2025-10-07
OSV
CVE-2022-50543: In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr->map double free rxe_mr_cleanup() which tries to free mr->map aga2025-10-07

📋Vendor Advisories

2
Red Hat
kernel: RDMA/rxe: Fix mr->map double free2025-10-07
Debian
CVE-2022-50543: linux - In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: F...2022