CVE-2022-50622 — Missing Release of Resource after Effective Lifetime in Linux

CWE-772 — Missing Release of Resource after Effective Lifetime6 documents5 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 89.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 8

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may return NULL, in this case 'state->fc_modified_inodes' may not be freed by krealloc, but 'state->fc_modified_inodes' already set NULL. Then will lead to 'state->fc_modified_inodes' memory leak.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.10.0 — 5.10.150+3

▶Debianlinux/linux_kernel< 5.10.158-1+3

▶CVEListV5linux/linux8016e29f4362e285f0f7e38fadc61a5b7bdfdfa2 — c9ce7766dc4e88e624c62a68221a3bbe8f06e856+5

▶debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2022-50622: In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may↗2025-12-08

▶

OSV

ext4: fix potential memory leak in ext4_fc_record_modified_inode()↗2025-12-08

▶

GHSA

GHSA-hfg2-96v6-99jv: In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc m↗2025-12-08

▶

📋Vendor Advisories

Red Hat

kernel: Linux kernel (ext4): Memory leak due to improper handling of krealloc failure↗2025-12-08

▶

Debian

CVE-2022-50622: linux - In the Linux kernel, the following vulnerability has been resolved: ext4: fix p...↗2022

▶