#VU115613 Resource management error in Linux kernel - CVE-2022-50296
Published: September 16, 2025 / Updated: September 22, 2025
Vulnerability identifier: #VU115613
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-50296
CWE-ID: CWE-399
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the show_cpuinfo() function in arch/um/kernel/um_arch.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/16c546e148fa6d14a019431436a6f7b4087dbccd
- https://git.kernel.org/stable/c/2e3863cc02c156b51b50592d43ffa6a13b680b0d
- https://git.kernel.org/stable/c/5177bdc38eaa1c1ca6302214ab06913540cd00a2
- https://git.kernel.org/stable/c/6a73e6edcbf3cdd82796dcdf0c0f5fe5d91021af
- https://git.kernel.org/stable/c/7efe61dc6aa45aab8a40e304fa2dae21e33b0db4
- https://git.kernel.org/stable/c/844748412be03a236dcf4a208b588162a275e189
- https://git.kernel.org/stable/c/8f96aa67c2ccbd7e41b8dc992b8d13cfe206d571
- https://git.kernel.org/stable/c/cd251d39b13485eb94ee65bb000d024e02c00e45
- https://git.kernel.org/stable/c/dbd964a733db015bbb9dff592c259c736398140f
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.296