{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49381", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-26T02:08:31.559Z", "datePublished": "2025-02-26T02:11:18.812Z", "dateUpdated": "2025-02-26T02:11:18.812Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-02-26T02:11:18.812Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: fix memory leak in jffs2_do_fill_super\n\nIf jffs2_iget() or d_make_root() in jffs2_do_fill_super() returns\nan error, we can observe the following kmemleak report:\n\n--------------------------------------------\nunreferenced object 0xffff888105a65340 (size 64):\n comm \"mount\", pid 710, jiffies 4302851558 (age 58.239s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<ffffffff859c45e5>] kmem_cache_alloc_trace+0x475/0x8a0\n [<ffffffff86160146>] jffs2_sum_init+0x96/0x1a0\n [<ffffffff86140e25>] jffs2_do_mount_fs+0x745/0x2120\n [<ffffffff86149fec>] jffs2_do_fill_super+0x35c/0x810\n [<ffffffff8614aae9>] jffs2_fill_super+0x2b9/0x3b0\n [...]\nunreferenced object 0xffff8881bd7f0000 (size 65536):\n comm \"mount\", pid 710, jiffies 4302851558 (age 58.239s)\n hex dump (first 32 bytes):\n bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................\n bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................\n backtrace:\n [<ffffffff858579ba>] kmalloc_order+0xda/0x110\n [<ffffffff85857a11>] kmalloc_order_trace+0x21/0x130\n [<ffffffff859c2ed1>] __kmalloc+0x711/0x8a0\n [<ffffffff86160189>] jffs2_sum_init+0xd9/0x1a0\n [<ffffffff86140e25>] jffs2_do_mount_fs+0x745/0x2120\n [<ffffffff86149fec>] jffs2_do_fill_super+0x35c/0x810\n [<ffffffff8614aae9>] jffs2_fill_super+0x2b9/0x3b0\n [...]\n--------------------------------------------\n\nThis is because the resources allocated in jffs2_sum_init() are not\nreleased. Call jffs2_sum_exit() to release these resources to solve\nthe problem."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/jffs2/fs.c"], "versions": [{"version": "e631ddba588783edd521c5a89f7b2902772fb691", "lessThan": "4ba7bbeab8009faf3a726e565d98816593ddd5b0", "status": "affected", "versionType": "git"}, {"version": "e631ddba588783edd521c5a89f7b2902772fb691", "lessThan": "4da8763a3d2b684c773b72ed80fad40bc264bc40", "status": "affected", "versionType": "git"}, {"version": "e631ddba588783edd521c5a89f7b2902772fb691", "lessThan": "28048a4cf3813b7cf5cc8cce629dfdc7951cb1c2", "status": "affected", "versionType": "git"}, {"version": "e631ddba588783edd521c5a89f7b2902772fb691", "lessThan": "d3a4fff1e7e408c32649030daa7c2c42a7e19a95", "status": "affected", "versionType": "git"}, {"version": "e631ddba588783edd521c5a89f7b2902772fb691", "lessThan": "3252d327f977b14663a10967f3b0930d6c325687", "status": "affected", "versionType": "git"}, {"version": "e631ddba588783edd521c5a89f7b2902772fb691", "lessThan": "ecc53e58596542791e82eff00702f8af7a313f70", "status": "affected", "versionType": "git"}, {"version": "e631ddba588783edd521c5a89f7b2902772fb691", "lessThan": "cf9db013e167bc8fc2ecd7a13ed97a37df0c9dab", "status": "affected", "versionType": "git"}, {"version": "e631ddba588783edd521c5a89f7b2902772fb691", "lessThan": "69295267c481545f636b69ff341b8db75aa136b9", "status": "affected", "versionType": "git"}, {"version": "e631ddba588783edd521c5a89f7b2902772fb691", "lessThan": "c14adb1cf70a984ed081c67e9d27bc3caad9537c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/jffs2/fs.c"], "versions": [{"version": "2.6.15", "status": "affected"}, {"version": "0", "lessThan": "2.6.15", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.318", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.283", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.247", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.198", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.122", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.47", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.17.15", "lessThanOrEqual": "5.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.18.4", "lessThanOrEqual": "5.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/4ba7bbeab8009faf3a726e565d98816593ddd5b0"}, {"url": "https://git.kernel.org/stable/c/4da8763a3d2b684c773b72ed80fad40bc264bc40"}, {"url": "https://git.kernel.org/stable/c/28048a4cf3813b7cf5cc8cce629dfdc7951cb1c2"}, {"url": "https://git.kernel.org/stable/c/d3a4fff1e7e408c32649030daa7c2c42a7e19a95"}, {"url": "https://git.kernel.org/stable/c/3252d327f977b14663a10967f3b0930d6c325687"}, {"url": "https://git.kernel.org/stable/c/ecc53e58596542791e82eff00702f8af7a313f70"}, {"url": "https://git.kernel.org/stable/c/cf9db013e167bc8fc2ecd7a13ed97a37df0c9dab"}, {"url": "https://git.kernel.org/stable/c/69295267c481545f636b69ff341b8db75aa136b9"}, {"url": "https://git.kernel.org/stable/c/c14adb1cf70a984ed081c67e9d27bc3caad9537c"}], "title": "jffs2: fix memory leak in jffs2_do_fill_super", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0DED0F6A-FC03-4637-B95D-CCE9C053BD2B", "versionEndExcluding": "4.9.318", "versionStartIncluding": "2.6.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65", "versionEndExcluding": "4.14.283", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B", "versionEndExcluding": "4.19.247", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9", "versionEndExcluding": "5.4.198", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B42AA01-44D8-4572-95E6-FF8E374CF9C5", "versionEndExcluding": "5.10.122", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61", "versionEndExcluding": "5.15.47", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD", "versionEndExcluding": "5.17.15", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103", "versionEndExcluding": "5.18.4", "versionStartIncluding": "5.18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: fix memory leak in jffs2_do_fill_super\n\nIf jffs2_iget() or d_make_root() in jffs2_do_fill_super() returns\nan error, we can observe the following kmemleak report:\n\n--------------------------------------------\nunreferenced object 0xffff888105a65340 (size 64):\n comm \"mount\", pid 710, jiffies 4302851558 (age 58.239s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<ffffffff859c45e5>] kmem_cache_alloc_trace+0x475/0x8a0\n [<ffffffff86160146>] jffs2_sum_init+0x96/0x1a0\n [<ffffffff86140e25>] jffs2_do_mount_fs+0x745/0x2120\n [<ffffffff86149fec>] jffs2_do_fill_super+0x35c/0x810\n [<ffffffff8614aae9>] jffs2_fill_super+0x2b9/0x3b0\n [...]\nunreferenced object 0xffff8881bd7f0000 (size 65536):\n comm \"mount\", pid 710, jiffies 4302851558 (age 58.239s)\n hex dump (first 32 bytes):\n bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................\n bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................\n backtrace:\n [<ffffffff858579ba>] kmalloc_order+0xda/0x110\n [<ffffffff85857a11>] kmalloc_order_trace+0x21/0x130\n [<ffffffff859c2ed1>] __kmalloc+0x711/0x8a0\n [<ffffffff86160189>] jffs2_sum_init+0xd9/0x1a0\n [<ffffffff86140e25>] jffs2_do_mount_fs+0x745/0x2120\n [<ffffffff86149fec>] jffs2_do_fill_super+0x35c/0x810\n [<ffffffff8614aae9>] jffs2_fill_super+0x2b9/0x3b0\n [...]\n--------------------------------------------\n\nThis is because the resources allocated in jffs2_sum_init() are not\nreleased. Call jffs2_sum_exit() to release these resources to solve\nthe problem."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: jffs2: se corrige la p\u00e9rdida de memoria en jffs2_do_fill_super Si jffs2_iget() o d_make_root() en jffs2_do_fill_super() devuelve un error, podemos observar el siguiente informe de kmemleak: -------------------------------------------- objeto sin referencia 0xffff888105a65340 (size 64): comm \"mount\", pid 710, jiffies 4302851558 (age 58.239s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] kmem_cache_alloc_trace+0x475/0x8a0 [] jffs2_sum_init+0x96/0x1a0 [] jffs2_do_mount_fs+0x745/0x2120 [] jffs2_do_fill_super+0x35c/0x810 [] jffs2_fill_super+0x2b9/0x3b0 [...] unreferenced object 0xffff8881bd7f0000 (size 65536): comm \"mount\", pid 710, jiffies 4302851558 (age 58.239s) hex dump (first 32 bytes): bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ backtrace: [] kmalloc_order+0xda/0x110 [] kmalloc_order_trace+0x21/0x130 [] __kmalloc+0x711/0x8a0 [] jffs2_sum_init+0xd9/0x1a0 [] jffs2_do_mount_fs+0x745/0x2120 [] jffs2_do_fill_super+0x35c/0x810 [] jffs2_fill_super+0x2b9/0x3b0 [...] -------------------------------------------- Esto se debe a que los recursos asignados en jffs2_sum_init() no se liberan. Llame a jffs2_sum_exit() para liberar estos recursos y resolver el problema."}], "id": "CVE-2022-49381", "lastModified": "2025-04-14T20:38:11.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-02-26T07:01:14.727", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/28048a4cf3813b7cf5cc8cce629dfdc7951cb1c2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3252d327f977b14663a10967f3b0930d6c325687"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4ba7bbeab8009faf3a726e565d98816593ddd5b0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4da8763a3d2b684c773b72ed80fad40bc264bc40"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/69295267c481545f636b69ff341b8db75aa136b9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c14adb1cf70a984ed081c67e9d27bc3caad9537c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cf9db013e167bc8fc2ecd7a13ed97a37df0c9dab"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d3a4fff1e7e408c32649030daa7c2c42a7e19a95"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ecc53e58596542791e82eff00702f8af7a313f70"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: jffs2: fix memory leak in jffs2_do_fill_super", "id": "2348247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348247"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\njffs2: fix memory leak in jffs2_do_fill_super\nIf jffs2_iget() or d_make_root() in jffs2_do_fill_super() returns\nan error, we can observe the following kmemleak report:\n--------------------------------------------\nunreferenced object 0xffff888105a65340 (size 64):\ncomm \"mount\", pid 710, jiffies 4302851558 (age 58.239s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<ffffffff859c45e5>] kmem_cache_alloc_trace+0x475/0x8a0\n[<ffffffff86160146>] jffs2_sum_init+0x96/0x1a0\n[<ffffffff86140e25>] jffs2_do_mount_fs+0x745/0x2120\n[<ffffffff86149fec>] jffs2_do_fill_super+0x35c/0x810\n[<ffffffff8614aae9>] jffs2_fill_super+0x2b9/0x3b0\n[...]\nunreferenced object 0xffff8881bd7f0000 (size 65536):\ncomm \"mount\", pid 710, jiffies 4302851558 (age 58.239s)\nhex dump (first 32 bytes):\nbb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................\nbb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................\nbacktrace:\n[<ffffffff858579ba>] kmalloc_order+0xda/0x110\n[<ffffffff85857a11>] kmalloc_order_trace+0x21/0x130\n[<ffffffff859c2ed1>] __kmalloc+0x711/0x8a0\n[<ffffffff86160189>] jffs2_sum_init+0xd9/0x1a0\n[<ffffffff86140e25>] jffs2_do_mount_fs+0x745/0x2120\n[<ffffffff86149fec>] jffs2_do_fill_super+0x35c/0x810\n[<ffffffff8614aae9>] jffs2_fill_super+0x2b9/0x3b0\n[...]\n--------------------------------------------\nThis is because the resources allocated in jffs2_sum_init() are not\nreleased. Call jffs2_sum_exit() to release these resources to solve\nthe problem."], "name": "CVE-2022-49381", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49381\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49381\nhttps://lore.kernel.org/linux-cve-announce/2025022647-CVE-2022-49381-89d2@gregkh/T"], "threat_severity": "Low"}