PT-2025-25968 · Linux+3 · Linux Kernel+3

Published

2021-11-09

Updated

2025-06-18

CVE-2022-50042

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue has been identified in the Linux kernel, specifically in the netlink policy dumping functionality. The error occurs when constructing an array of policies fails during the recording of non-first policies, and the allocated pointer is not properly recorded in the pstate pointer. This issue is related to the netlink policy dump add policy() function, which does not handle errors correctly, leading to memory leaks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-401

Related Identifiers

BDU:2026-03401

CESA-2021_4356

CVE-2022-50042

RHSA-2021:4356

RHSA-2021_4356

RHSA-2023:6583

RHSA-2023:7370

RHSA-2023_6583

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

PT-2025-25968 · Linux+3 · Linux Kernel+3

CVE-2022-50042

Weakness Enumeration

Related Identifiers

Affected Products

References · 21