{
  "threat_severity" : "Low",
  "public_date" : "2025-09-15T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: drm/vkms: Fix memory leak in vkms_init()",
    "id" : "2395226",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2395226"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-772",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\ndrm/vkms: Fix memory leak in vkms_init()\nA memory leak was reported after the vkms module install failed.\nunreferenced object 0xffff88810bc28520 (size 16):\ncomm \"modprobe\", pid 9662, jiffies 4298009455 (age 42.590s)\nhex dump (first 16 bytes):\n01 01 00 64 81 88 ff ff 00 00 dc 0a 81 88 ff ff  ...d............\nbacktrace:\n[<00000000e7561ff8>] kmalloc_trace+0x27/0x60\n[<000000000b1954a0>] 0xffffffffc45200a9\n[<00000000abbf1da0>] do_one_initcall+0xd0/0x4f0\n[<000000001505ee87>] do_init_module+0x1a4/0x680\n[<00000000958079ad>] load_module+0x6249/0x7110\n[<00000000117e4696>] __do_sys_finit_module+0x140/0x200\n[<00000000f74b12d2>] do_syscall_64+0x35/0x80\n[<000000008fc6fcde>] entry_SYSCALL_64_after_hwframe+0x46/0xb0\nThe reason is that the vkms_init() returns without checking the return\nvalue of vkms_create(), and if the vkms_create() failed, the config\nallocated at the beginning of vkms_init() is leaked.\nvkms_init()\nconfig = kmalloc(...) # config allocated\n...\nreturn vkms_create() # vkms_create failed and config is leaked\nFix this problem by checking return value of vkms_create() and free the\nconfig if error happened." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2025-08-18T00:00:00Z",
    "advisory" : "RHSA-2025:13961",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-553.70.1.rt7.411.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-11-14T00:00:00Z",
    "advisory" : "RHSA-2023:7077",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-513.5.1.el8_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2025-08-18T00:00:00Z",
    "advisory" : "RHSA-2025:13960",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-553.70.1.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6583",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-362.8.1.el9_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6583",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-362.8.1.el9_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
    "release_date" : "2025-09-11T00:00:00Z",
    "advisory" : "RHSA-2025:15670",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.0",
    "package" : "kernel-0:5.14.0-70.146.1.el9_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
    "release_date" : "2025-09-10T00:00:00Z",
    "advisory" : "RHSA-2025:15658",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.0::nfv",
    "package" : "kernel-rt-0:5.14.0-70.146.1.rt21.218.el9_0"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-50269\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50269\nhttps://lore.kernel.org/linux-cve-announce/2025091504-CVE-2022-50269-24d9@gregkh/T" ],
  "name" : "CVE-2022-50269",
  "csaw" : false
}