CVE-2022-50451
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-01

Last updated on: 2025-10-02

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak on ntfs_fill_super() error path syzbot reported kmemleak as below: BUG: memory leak unreferenced object 0xffff8880122f1540 (size 32): comm "a.out", pid 6664, jiffies 4294939771 (age 25.500s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 ed ff ed ff 00 00 00 00 ................ backtrace: [<ffffffff81b16052>] ntfs_init_fs_context+0x22/0x1c0 [<ffffffff8164aaa7>] alloc_fs_context+0x217/0x430 [<ffffffff81626dd4>] path_mount+0x704/0x1080 [<ffffffff81627e7c>] __x64_sys_mount+0x18c/0x1d0 [<ffffffff84593e14>] do_syscall_64+0x34/0xb0 [<ffffffff84600087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd This patch fixes this issue by freeing mount options on error path of ntfs_fill_super().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-01
Last Modified
2025-10-02
Generated
2026-06-16
AI Q&A
2025-10-01
EPSS Evaluated
2026-06-14
NVD
CVE-2022-50451
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a memory leak in the Linux kernel's NTFS3 filesystem driver. Specifically, when an error occurs in the ntfs_fill_super() function during mounting, certain memory allocated for mount options is not freed properly, leading to a memory leak. This was detected by syzbot's kmemleak tool and fixed by ensuring the memory is freed on the error path.

Impact Analysis

The memory leak can cause the system to consume more memory over time if the error path in ntfs_fill_super() is triggered repeatedly, potentially leading to degraded system performance or instability due to exhausted memory resources.

Detection Guidance

This vulnerability can be detected by monitoring for memory leaks related to the ntfs3 filesystem in the Linux kernel. Specifically, using kmemleak detection tools can help identify unreferenced objects as described in the bug report. You can enable and check kmemleak with commands such as: 1. Enable kmemleak (if not already enabled): echo scan > /sys/kernel/debug/kmemleak 2. Check for memory leaks: cat /sys/kernel/debug/kmemleak Look for entries related to ntfs3 or ntfs_fill_super errors indicating memory leaks.

Mitigation Strategies

The immediate mitigation is to apply the patch that fixes the memory leak in ntfs_fill_super() error path in the Linux kernel. Until the patch is applied, avoid mounting NTFS3 filesystems if possible, or monitor for memory leaks using kmemleak and restart affected services or the system to clear leaked memory.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50451. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart