#VU115249 Memory leak in Linux kernel - CVE-2022-50324
Published: September 16, 2025 / Updated: September 22, 2025
Vulnerability identifier: #VU115249
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-50324
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pxa2xx_flash_probe() function in drivers/mtd/maps/pxa2xx-flash.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/1d0c2b762dad2b8dd166e17c0e90b88b86a3284f
- https://git.kernel.org/stable/c/2399401feee27c639addc5b7e6ba519d3ca341bf
- https://git.kernel.org/stable/c/6fa9550ef3e13d7e9b2d4db6dd57292ccd072a90
- https://git.kernel.org/stable/c/932baf593eb63dff40e40d7674f076fb7932cd5b
- https://git.kernel.org/stable/c/a1b061cafdbcb1ff259731f30e2bdc1de64dcaba
- https://git.kernel.org/stable/c/cb3f35f44887a8486737fe88d58050f1df290758
- https://git.kernel.org/stable/c/cf9c4c25caad05c6b492cbba739a467511814279
- https://git.kernel.org/stable/c/e2324a0912ad26a0ea5baaf81aed0ca880804158
- https://git.kernel.org/stable/c/f35981083cb3fc1ba6427c1543152c5e3f59d104
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.86