CVE-2022-49277

Feb. 26, 2025, 7:01 a.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2_do_mount_fs If jffs2_build_filesystem() in jffs2_do_mount_fs() returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff88811b25a640 (size 64): comm "mount", pid 691, jiffies 4294957728 (age 71.952s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<ffffffffa493be24>] kmem_cache_alloc_trace+0x584/0x880 [<ffffffffa5423a06>] jffs2_sum_init+0x86/0x130 [<ffffffffa5400e58>] jffs2_do_mount_fs+0x798/0xac0 [<ffffffffa540acf3>] jffs2_do_fill_super+0x383/0xc30 [<ffffffffa540c00a>] jffs2_fill_super+0x2ea/0x4c0 [...] unreferenced object 0xffff88812c760000 (size 65536): comm "mount", pid 691, jiffies 4294957728 (age 71.952s) hex dump (first 32 bytes): bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ backtrace: [<ffffffffa493a449>] __kmalloc+0x6b9/0x910 [<ffffffffa5423a57>] jffs2_sum_init+0xd7/0x130 [<ffffffffa5400e58>] jffs2_do_mount_fs+0x798/0xac0 [<ffffffffa540acf3>] jffs2_do_fill_super+0x383/0xc30 [<ffffffffa540c00a>] jffs2_fill_super+0x2ea/0x4c0 [...] -------------------------------------------- This is because the resources allocated in jffs2_sum_init() are not released. Call jffs2_sum_exit() to release these resources to solve the problem.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/0978e9af4559a171ac7a74a1b3ef21804b0a0fa9
https://git.kernel.org/stable/c/2a9d8184458562e6bf2f40d0e677fc85e2dd3834
https://git.kernel.org/stable/c/4392e8aeebc5a4f8073620bccba7de1b1f6d7c88
https://git.kernel.org/stable/c/5f34310d1376ca5b2ed798258def2c2ab3cc6699
https://git.kernel.org/stable/c/607d3aab7349f18e0d9dba4100d09d16fe27caca
https://git.kernel.org/stable/c/9a0f6610c7daedd2eace430beeb08a8b7ac80699
https://git.kernel.org/stable/c/c94128470e6fe53d9bd9d16d2d3271813f9d37af
https://git.kernel.org/stable/c/d051cef784de4d54835f6b6836d98a8f6935772c
https://git.kernel.org/stable/c/dbe0d0521eaa6a3d235517319266c539bb5c5112

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-02-26
CVE-2022-49277

Timeline

Published: Feb. 26, 2025, 7:01 a.m.
Last Modified: Feb. 26, 2025, 7:01 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.