ghsa-hc4h-pg37-34f7
Vulnerability from github
Published
2025-06-18 12:30
Modified
2025-06-18 12:30
Details

In the Linux kernel, the following vulnerability has been resolved:

cifs: Fix memory leak on the deferred close

xfstests on smb21 report kmemleak as below:

unreferenced object 0xffff8881767d6200 (size 64): comm "xfs_io", pid 1284, jiffies 4294777434 (age 20.789s) hex dump (first 32 bytes): 80 5a d0 11 81 88 ff ff 78 8a aa 63 81 88 ff ff .Z......x..c.... 00 71 99 76 81 88 ff ff 00 00 00 00 00 00 00 00 .q.v............ backtrace: [<00000000ad04e6ea>] cifs_close+0x92/0x2c0 [<0000000028b93c82>] __fput+0xff/0x3f0 [<00000000d8116851>] task_work_run+0x85/0xc0 [<0000000027e14f9e>] do_exit+0x5e5/0x1240 [<00000000fb492b95>] do_group_exit+0x58/0xe0 [<00000000129a32d9>] __x64_sys_exit_group+0x28/0x30 [<00000000e3f7d8e9>] do_syscall_64+0x35/0x80 [<00000000102e8a0b>] entry_SYSCALL_64_after_hwframe+0x46/0xb0

When cancel the deferred close work, we should also cleanup the struct cifs_deferred_close.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2022-50076"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:36Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix memory leak on the deferred close\n\nxfstests on smb21 report kmemleak as below:\n\n  unreferenced object 0xffff8881767d6200 (size 64):\n    comm \"xfs_io\", pid 1284, jiffies 4294777434 (age 20.789s)\n    hex dump (first 32 bytes):\n      80 5a d0 11 81 88 ff ff 78 8a aa 63 81 88 ff ff  .Z......x..c....\n      00 71 99 76 81 88 ff ff 00 00 00 00 00 00 00 00  .q.v............\n    backtrace:\n      [\u003c00000000ad04e6ea\u003e] cifs_close+0x92/0x2c0\n      [\u003c0000000028b93c82\u003e] __fput+0xff/0x3f0\n      [\u003c00000000d8116851\u003e] task_work_run+0x85/0xc0\n      [\u003c0000000027e14f9e\u003e] do_exit+0x5e5/0x1240\n      [\u003c00000000fb492b95\u003e] do_group_exit+0x58/0xe0\n      [\u003c00000000129a32d9\u003e] __x64_sys_exit_group+0x28/0x30\n      [\u003c00000000e3f7d8e9\u003e] do_syscall_64+0x35/0x80\n      [\u003c00000000102e8a0b\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nWhen cancel the deferred close work, we should also cleanup the struct\ncifs_deferred_close.",
  "id": "GHSA-hc4h-pg37-34f7",
  "modified": "2025-06-18T12:30:46Z",
  "published": "2025-06-18T12:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50076"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/60b6d38add7b9c17d6e5d49ee8e930ea1a5650c5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/860efae127888ae535bc4eda1b7f27642727c69e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ca08d0eac020d48a3141dbec0a3cf64fbdb17cde"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.