CVE-2022-50707
Unknown
Unknown - Not Provided
Memory Leak in Linux Kernel virtio-crypto Component
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session()
'vc_ctrl_req' is alloced in virtio_crypto_alg_skcipher_close_session(),
and should be freed in the invalid ctrl_status->status error handling
case. Otherwise there is a memory leak.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory leak in the Linux kernel's virtio-crypto component. Specifically, in the function virtio_crypto_alg_skcipher_close_session(), a control request object ('vc_ctrl_req') is allocated but not properly freed in certain error handling cases, leading to a memory leak.
How can this vulnerability impact me? :
The memory leak caused by this vulnerability can lead to increased memory usage over time, potentially degrading system performance or causing resource exhaustion if exploited repeatedly.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70