CVE-2022-50088

MEDIUM

Linux Kernel 5.18-5.18.17, 5.19-5.19.1 - Use-After-Free in DAMON Reclaim Context Initialization

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: fix potential memory leak in damon_reclaim_init() damon_reclaim_init() allocates a memory chunk for ctx with damon_new_ctx(). When damon_select_ops() fails, ctx is not released, which will lead to a memory leak. We should release the ctx with damon_destroy_ctx() when damon_select_ops() fails to fix the memory leak.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/9d3e9e1e0856f4c905bbb870f16f42ae72477071

Patch

https://git.kernel.org/stable/c/700aa4e11a3c4d2a44d06758db431a013d9e1b61

Patch

https://git.kernel.org/stable/c/188043c7f4f2bd662f2a55957d684fffa543e600

Scores

CVSS v3 5.5

EPSS 0.0015

EPSS Percentile 4.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (11)

linux/Kernel 5.18.0 - 5.18.18linux

linux/Kernel 5.19.0 - 5.19.2linux

Linux/Linux < 5.18

Linux/Linux 4d69c3457821100a39fa8c6e0c23ed910bb6c29d - 188043c7f4f2bd662f2a55957d684fffa543e600

Linux/Linux 4d69c3457821100a39fa8c6e0c23ed910bb6c29d - 700aa4e11a3c4d2a44d06758db431a013d9e1b61

Linux/Linux 4d69c3457821100a39fa8c6e0c23ed910bb6c29d - 9d3e9e1e0856f4c905bbb870f16f42ae72477071

Linux/Linux 5.18

Linux/Linux 5.18.18 - 5.18.*

Linux/Linux 5.19.2 - 5.19.*

Linux/Linux 6.0

... and 1 more

Published Jun 18, 2025

Tracked Since Feb 18, 2026