CVE-2022-49912

MEDIUM

Linux Kernel < 4.9.333 - Memory Leak

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix ulist leaks in error paths of qgroup self tests In the test_no_shared_qgroup() and test_multiple_refs() qgroup self tests, if we fail to add the tree ref, remove the extent item or remove the extent ref, we are returning from the test function without freeing the "old_roots" ulist that was allocated by the previous calls to btrfs_find_all_roots(). Fix that by calling ulist_free() before returning.

References (8)

[Patch] https://git.kernel.org/stable/c/0a0dead4ad1a2e2a9bdf133ef45111d7c8daef84

[Patch] https://git.kernel.org/stable/c/203204798831c35d855ecc6417d98267d2d2184b

[Patch] https://git.kernel.org/stable/c/3f58283d83a588ff5da62fc150de19e798ed2ec2

[Patch] https://git.kernel.org/stable/c/5d1a47ebf84540e40b5b43fc21aef0d6c0f627d9

[Patch] https://git.kernel.org/stable/c/d37de92b38932d40e4a251e876cc388f9aee5f42

[Patch] https://git.kernel.org/stable/c/d81370396025cf63a7a1b5f8bb25a3479203b2ca

[Patch] https://git.kernel.org/stable/c/da7003434bcab0ae9aba3f2c003e734cae093326

[Patch] https://git.kernel.org/stable/c/f46ea5fa3320dca4fe0c0926b49a5f14cb85de62

Scores

CVSS v3 5.5

EPSS 0.0005

EPSS Percentile 15.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (11)

linux/linux_kernel < 4.9.333

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/Kernel < 4.9.333linux

linux/Kernel < 4.14.299linux

linux/Kernel < 4.19.265linux

linux/Kernel < 5.4.224linux

linux/Kernel < 5.10.154linux

linux/Kernel < 5.15.78linux

linux/Kernel < 6.0.8linux

Timeline

Published May 01, 2025

Tracked Since Feb 18, 2026