CVE-2022-50077
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-17
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | 4.14 |
| linux | linux_kernel | 4.14 |
| linux | linux_kernel | 4.14 |
| linux | linux_kernel | 4.14 |
| linux | linux_kernel | 4.14 |
| linux | linux_kernel | 4.14 |
| linux | linux_kernel | 4.14 |
| linux | linux_kernel | 4.14 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-Other |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a reference count leak in the Linux kernel's AppArmor module, specifically in the aa_pivotroot() function. The function fails to decrement the reference count of a 'target' object after a successful call to aa_replace_current_label(), leading to a reference leak because the reference count was previously incremented by build_pivotroot(). The issue has been fixed by ensuring the reference count is properly decreased in that code path.
How can this vulnerability impact me? :
The reference count leak can lead to resource management issues within the kernel, potentially causing memory leaks or other stability problems. Over time, this could degrade system performance or lead to unexpected behavior in systems using AppArmor for security.