CVE-2022-49627

Published: Feb 26, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in ima_init_crypto() On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing the ima_algo_array. Add the missing kfree() for ima_algo_array to avoid the potential memory leak.

Vendor	Product	Versions
Linux	Linux	affected `6d94809af6b0830c4dfcad661535a5939bcb8a7d - < c1d9702ceb4a091da6bee380627596d1fba09274` affected `6d94809af6b0830c4dfcad661535a5939bcb8a7d - < 601ae26aa2802a4c10c94d7388a99eabdbefab2b` affected `6d94809af6b0830c4dfcad661535a5939bcb8a7d - < 830de9667b3ada0a75a3f098dfc7159709fe397b` affected `6d94809af6b0830c4dfcad661535a5939bcb8a7d - < 067d2521874135267e681c19d42761c601d503d6`
Linux	Linux	affected `5.8` unaffected `0 - < 5.8` unaffected `5.10.132 - <= 5.10.` unaffected `5.15.56 - <= 5.15.` unaffected `5.18.13 - <= 5.18.*` +1 more versions

References

https://git.kernel.org/stable/c/c1d9702ceb4a091da6bee380627596d1fba09274

https://git.kernel.org/stable/c/601ae26aa2802a4c10c94d7388a99eabdbefab2b

https://git.kernel.org/stable/c/830de9667b3ada0a75a3f098dfc7159709fe397b

https://git.kernel.org/stable/c/067d2521874135267e681c19d42761c601d503d6

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-49627

Description

Affected Products

References