CVE-2022-49795

Published: May 1, 2025Modified: Nov 6, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: rethook: fix a potential memleak in rethook_alloc() In rethook_alloc(), the variable rh is not freed or passed out if handler is NULL, which could lead to a memleak, fix it. [Masami: Add "rethook:" tag to the title.] Acke-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>

Affected (6)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.18 to 6.0.10
Linux Linux Kernel	Version 6.1 rc1
Linux Linux Kernel	Version 6.1 rc2
Linux Linux Kernel	Version 6.1 rc3
Linux Linux Kernel	Version 6.1 rc4
Linux Linux Kernel	Version 6.1 rc5

Related CWEs

CWE-401

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (2)

https://git.kernel.org/stable/c/0a1ebe35cb3b7aa1f4b26b37e2a0b9ae68dc4ffb

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/cbc5d1f9a8cc40ba2bc6779b36d2ea1f65bc027c

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.