CVE-2022-50451

MEDIUM

Linux Kernel 5.15-5.15.87 5.16-6.0.17 6.1-6.1.3 - Use-After-Free in ntfs_fill_super() Error Path

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak on ntfs_fill_super() error path syzbot reported kmemleak as below: BUG: memory leak unreferenced object 0xffff8880122f1540 (size 32): comm "a.out", pid 6664, jiffies 4294939771 (age 25.500s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 ed ff ed ff 00 00 00 00 ................ backtrace: [<ffffffff81b16052>] ntfs_init_fs_context+0x22/0x1c0 [<ffffffff8164aaa7>] alloc_fs_context+0x217/0x430 [<ffffffff81626dd4>] path_mount+0x704/0x1080 [<ffffffff81627e7c>] __x64_sys_mount+0x18c/0x1d0 [<ffffffff84593e14>] do_syscall_64+0x34/0xb0 [<ffffffff84600087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd This patch fixes this issue by freeing mount options on error path of ntfs_fill_super().

References (4)

Core 4

Scores

CVSS v3 5.5
EPSS 0.0015
EPSS Percentile 4.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-401
Status published
Products (14)
linux/Kernel 5.15.0 - 5.15.87linux
linux/Kernel 5.16.0 - 6.0.17linux
linux/Kernel 6.1.0 - 6.1.3linux
Linux/Linux < 5.15
Linux/Linux 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e - 2600c80ea7b39f987c3fa89287e73d62e322bbbd
Linux/Linux 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e - 2dd9ccfb06bcdad30ad92d96c3affa38a458679e
Linux/Linux 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e - 51e76a232f8c037f1d9e9922edc25b003d5f3414
Linux/Linux 4534a70b7056fd4b9a1c6db5a4ce3c98546b291e - ff0df7d9cdbb12878155168b5234e99029e5377f
Linux/Linux 5.15
Linux/Linux 5.15.87 - 5.15.*
... and 4 more
Published Oct 01, 2025
Tracked Since Feb 18, 2026