CVE-2022-50512

ext4: fix potential memory leak in ext4_fc_record_regions()

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_regions() As krealloc may return NULL, in this case 'state->fc_regions' may not be
freed by krealloc, but 'state->fc_regions' already set NULL. Then will
lead to 'state->fc_regions' memory leak.

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_regions() As krealloc may return NULL, in this case 'state->fc_regions' may not be freed by krealloc, but 'state->fc_regions' already set NULL. Then will lead to 'state->fc_regions' memory leak.

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-10-07 CVE Reserved
2025-10-07 CVE Published
2026-05-03 EPSS Updated
2026-05-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-772: Missing Release of Resource after Effective Lifetime

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/8016e29f4362e285f0f7e38fadc61a5b7bdfdfa2	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/2cfb769d60a2a57eb3566765428b6131cd16dcfe	2022-10-26
https://git.kernel.org/stable/c/417b0455a0b6d0f60a2930592731d1f8340e24be	2022-10-26
https://git.kernel.org/stable/c/a4058b869e6c5e517c79e30532a350d0f3115c3e	2022-10-24
https://git.kernel.org/stable/c/518566e71ad86b7c2f1bf6d9caee9588bb7ac158	2022-10-21
https://git.kernel.org/stable/c/7069d105c1f15c442b68af43f7fde784f3126739	2022-10-01

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2022-50512	2023-05-09
https://bugzilla.redhat.com/show_bug.cgi?id=2402229	2023-05-09

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.10.150 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.10.150"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.15.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.15.75"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.19.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.19.17"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 6.0.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 6.0.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 6.1 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 6.1"		en		Affected