CVE-2022-49381
Published: Feb 26, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2_do_fill_super If jffs2_iget() or d_make_root() in jffs2_do_fill_super() returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff888105a65340 (size 64): comm "mount", pid 710, jiffies 4302851558 (age 58.239s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<ffffffff859c45e5>] kmem_cache_alloc_trace+0x475/0x8a0 [<ffffffff86160146>] jffs2_sum_init+0x96/0x1a0 [<ffffffff86140e25>] jffs2_do_mount_fs+0x745/0x2120 [<ffffffff86149fec>] jffs2_do_fill_super+0x35c/0x810 [<ffffffff8614aae9>] jffs2_fill_super+0x2b9/0x3b0 [...] unreferenced object 0xffff8881bd7f0000 (size 65536): comm "mount", pid 710, jiffies 4302851558 (age 58.239s) hex dump (first 32 bytes): bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ backtrace: [<ffffffff858579ba>] kmalloc_order+0xda/0x110 [<ffffffff85857a11>] kmalloc_order_trace+0x21/0x130 [<ffffffff859c2ed1>] __kmalloc+0x711/0x8a0 [<ffffffff86160189>] jffs2_sum_init+0xd9/0x1a0 [<ffffffff86140e25>] jffs2_do_mount_fs+0x745/0x2120 [<ffffffff86149fec>] jffs2_do_fill_super+0x35c/0x810 [<ffffffff8614aae9>] jffs2_fill_super+0x2b9/0x3b0 [...] -------------------------------------------- This is because the resources allocated in jffs2_sum_init() are not released. Call jffs2_sum_exit() to release these resources to solve the problem.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e631ddba588783edd521c5a89f7b2902772fb691 - < 4ba7bbeab8009faf3a726e565d98816593ddd5b0affected e631ddba588783edd521c5a89f7b2902772fb691 - < 4da8763a3d2b684c773b72ed80fad40bc264bc40affected e631ddba588783edd521c5a89f7b2902772fb691 - < 28048a4cf3813b7cf5cc8cce629dfdc7951cb1c2affected e631ddba588783edd521c5a89f7b2902772fb691 - < d3a4fff1e7e408c32649030daa7c2c42a7e19a95affected e631ddba588783edd521c5a89f7b2902772fb691 - < 3252d327f977b14663a10967f3b0930d6c325687+4 more versions |
Linux | Linux | affected 2.6.15unaffected 0 - < 2.6.15unaffected 4.9.318 - <= 4.9.*unaffected 4.14.283 - <= 4.14.*unaffected 4.19.247 - <= 4.19.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now