PT-2025-18644 · Linux+2 · Linux Kernel+2

Published

2025-05-01

·

Updated

2025-07-10

·

CVE-2022-49927

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A memory leak issue has been resolved in the Linux kernel related to the nfs4 module. When the allocation of a slot fails, all other allocated slots should be cleaned up to prevent memory leaks. The issue is associated with the nfs4 find or create slot function and can lead to memory leaks if not properly handled.
Recommendations As a temporary workaround, consider disabling the nfs4 module until a patch is available. Restrict access to the nfs4 functionality to minimize the risk of exploitation. Avoid using the nfs4 protocol in sensitive environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

CVE-2022-49927
SUSE-SU-2025:01918-1
SUSE-SU-2025:01966-1
SUSE-SU-2025:01982-1
SUSE-SU-2025:01983-1
SUSE-SU-2025:01995-1
SUSE-SU-2025:02173-1
SUSE-SU-2025:02262-1
SUSE-SU-2025:2173-1
SUSE-SU-2025_01982-1
SUSE-SU-2025_01983-1
SUSE-SU-2025_02173-1
SUSE-SU-2025_02262-1

Affected Products

Astra Linux
Linux Kernel
Suse