#VU111277 Memory leak in Linux kernel - CVE-2022-50161
Published: June 18, 2025 / Updated: June 21, 2025
Vulnerability identifier: #VU111277
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-50161
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the of_flash_probe_versatile() function in drivers/mtd/maps/physmap-versatile.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/33ec82a6d2b119938f26e5c8040ed5d92378eb54
- https://git.kernel.org/stable/c/3c8de6a838b7e0eb392754ac89dd66e698684342
- https://git.kernel.org/stable/c/4d67c8f74d804b20febf716ec96e9a475457ec60
- https://git.kernel.org/stable/c/52ae2b14f76ef2d490337ddc0037bc37125be7b8
- https://git.kernel.org/stable/c/5d5ddd8771fa9cabeb247fba5f6ab60d63f3fbce
- https://git.kernel.org/stable/c/79e57889aa0d92a6d769bad808fb105e7b6ea495
- https://git.kernel.org/stable/c/9124d51e01232a91da4034768a2a8d1688472179
- https://git.kernel.org/stable/c/f516fbb63873ee23cba5b7c3d239677c30f13df8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.2