{
  "threat_severity" : "Low",
  "public_date" : "2025-09-15T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: Linux kernel: Denial of Service due to memory allocation failure in vhost/vsock",
    "id" : "2395311",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2395311"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-770",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nvhost/vsock: Use kvmalloc/kvfree for larger packets.\nWhen copying a large file over sftp over vsock, data size is usually 32kB,\nand kmalloc seems to fail to try to allocate 32 32kB regions.\nvhost-5837: page allocation failure: order:4, mode:0x24040c0\nCall Trace:\n[<ffffffffb6a0df64>] dump_stack+0x97/0xdb\n[<ffffffffb68d6aed>] warn_alloc_failed+0x10f/0x138\n[<ffffffffb68d868a>] ? __alloc_pages_direct_compact+0x38/0xc8\n[<ffffffffb664619f>] __alloc_pages_nodemask+0x84c/0x90d\n[<ffffffffb6646e56>] alloc_kmem_pages+0x17/0x19\n[<ffffffffb6653a26>] kmalloc_order_trace+0x2b/0xdb\n[<ffffffffb66682f3>] __kmalloc+0x177/0x1f7\n[<ffffffffb66e0d94>] ? copy_from_iter+0x8d/0x31d\n[<ffffffffc0689ab7>] vhost_vsock_handle_tx_kick+0x1fa/0x301 [vhost_vsock]\n[<ffffffffc06828d9>] vhost_worker+0xf7/0x157 [vhost]\n[<ffffffffb683ddce>] kthread+0xfd/0x105\n[<ffffffffc06827e2>] ? vhost_dev_set_owner+0x22e/0x22e [vhost]\n[<ffffffffb683dcd1>] ? flush_kthread_worker+0xf3/0xf3\n[<ffffffffb6eb332e>] ret_from_fork+0x4e/0x80\n[<ffffffffb683dcd1>] ? flush_kthread_worker+0xf3/0xf3\nWork around by doing kvmalloc instead.", "A flaw was found in the Linux kernel's vhost/vsock component. A local user could trigger a memory allocation failure when copying large files over sftp (SSH File Transfer Protocol) over vsock (virtual socket). This issue occurs because the kernel's kmalloc function fails to allocate sufficient memory for larger packets, leading to a system crash and a Denial of Service (DoS)." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-05-16T00:00:00Z",
    "advisory" : "RHSA-2023:2951",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-477.10.1.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHSA-2023:2458",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-284.11.1.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHSA-2023:2458",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-284.11.1.el9_2"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-50271\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50271\nhttps://lore.kernel.org/linux-cve-announce/2025091505-CVE-2022-50271-2175@gregkh/T" ],
  "name" : "CVE-2022-50271",
  "csaw" : false
}