SB2025122669 - Memory leak in Linux kernel misc ocxl driver
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB2025122669
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-50742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the afu_ioctl() function in drivers/misc/ocxl/file.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/11bd8bbdf8f6f5c1145bb158793107a57e3a1f07
- https://git.kernel.org/stable/c/66032c43291672bae8b93184d2806f05be3e16df
- https://git.kernel.org/stable/c/7ba19a60c74fb0057d4daef2fa2cbfc9522f3ba1
- https://git.kernel.org/stable/c/843433a02e344d30fbb62dfd834c60631baaa527
- https://git.kernel.org/stable/c/c3b69ba5114c860d730870c03ab4ee45276e5e35
- https://git.kernel.org/stable/c/fc797285c40a9cc441357abb3521d3e51c743f67
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.220