CVE-2022-50396

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a memory leak within the tcindex set parms function, specifically when changing existing filter properties. The issue arises when an old filter result is cleared using tcindex filter result init() without properly destroying its associated tcf exts structure, leading to a memory leak. This occurs when the old r value is retrieved from p->perfect, triggering the allocation of new filter results and subsequent clearing of the old result without deallocation. The vulnerability was identified through Syzkaller testing.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALSA-2025_16880

BDU:2026-02438

CESA-2023_7077

CVE-2022-50396

RHSA-2023:2458

RHSA-2023:4130

RHSA-2023:7077

RHSA-2023_2458

RHSA-2023_7077

SUSE-SU-2025:03614-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:3761-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

CVE-2022-50396

Weakness Enumeration

Related Identifiers

Affected Products

References · 974