PT-2025-8300 · Linux+1 · Linux Kernel+1
Xin Xiong
·
Published
2025-02-26
·
Updated
2025-03-02
·
CVE-2022-49366
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A memory leak issue has been identified in the Linux kernel, specifically in the ksmbd module. The problem occurs when the
id and uid have the same value in the smb check perm dacl() function, causing the function to exit the loop without properly decrementing the reference count of the posix acls object. This can lead to memory leaks.Recommendations
For the affected Linux kernel versions, apply the fix by decreasing the reference count of
posix acls before jumping to the label check access bits in the smb check perm dacl() function.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Linux Kernel