{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-49381","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-02-26T02:08:31.559Z","datePublished":"2025-02-26T02:11:18.812Z","dateUpdated":"2025-10-01T19:46:52.106Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T08:36:28.528Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: fix memory leak in jffs2_do_fill_super\n\nIf jffs2_iget() or d_make_root() in jffs2_do_fill_super() returns\nan error, we can observe the following kmemleak report:\n\n--------------------------------------------\nunreferenced object 0xffff888105a65340 (size 64):\n  comm \"mount\", pid 710, jiffies 4302851558 (age 58.239s)\n  hex dump (first 32 bytes):\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n  backtrace:\n    [<ffffffff859c45e5>] kmem_cache_alloc_trace+0x475/0x8a0\n    [<ffffffff86160146>] jffs2_sum_init+0x96/0x1a0\n    [<ffffffff86140e25>] jffs2_do_mount_fs+0x745/0x2120\n    [<ffffffff86149fec>] jffs2_do_fill_super+0x35c/0x810\n    [<ffffffff8614aae9>] jffs2_fill_super+0x2b9/0x3b0\n    [...]\nunreferenced object 0xffff8881bd7f0000 (size 65536):\n  comm \"mount\", pid 710, jiffies 4302851558 (age 58.239s)\n  hex dump (first 32 bytes):\n    bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb  ................\n    bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb  ................\n  backtrace:\n    [<ffffffff858579ba>] kmalloc_order+0xda/0x110\n    [<ffffffff85857a11>] kmalloc_order_trace+0x21/0x130\n    [<ffffffff859c2ed1>] __kmalloc+0x711/0x8a0\n    [<ffffffff86160189>] jffs2_sum_init+0xd9/0x1a0\n    [<ffffffff86140e25>] jffs2_do_mount_fs+0x745/0x2120\n    [<ffffffff86149fec>] jffs2_do_fill_super+0x35c/0x810\n    [<ffffffff8614aae9>] jffs2_fill_super+0x2b9/0x3b0\n    [...]\n--------------------------------------------\n\nThis is because the resources allocated in jffs2_sum_init() are not\nreleased. Call jffs2_sum_exit() to release these resources to solve\nthe problem."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/jffs2/fs.c"],"versions":[{"version":"e631ddba588783edd521c5a89f7b2902772fb691","lessThan":"4ba7bbeab8009faf3a726e565d98816593ddd5b0","status":"affected","versionType":"git"},{"version":"e631ddba588783edd521c5a89f7b2902772fb691","lessThan":"4da8763a3d2b684c773b72ed80fad40bc264bc40","status":"affected","versionType":"git"},{"version":"e631ddba588783edd521c5a89f7b2902772fb691","lessThan":"28048a4cf3813b7cf5cc8cce629dfdc7951cb1c2","status":"affected","versionType":"git"},{"version":"e631ddba588783edd521c5a89f7b2902772fb691","lessThan":"d3a4fff1e7e408c32649030daa7c2c42a7e19a95","status":"affected","versionType":"git"},{"version":"e631ddba588783edd521c5a89f7b2902772fb691","lessThan":"3252d327f977b14663a10967f3b0930d6c325687","status":"affected","versionType":"git"},{"version":"e631ddba588783edd521c5a89f7b2902772fb691","lessThan":"ecc53e58596542791e82eff00702f8af7a313f70","status":"affected","versionType":"git"},{"version":"e631ddba588783edd521c5a89f7b2902772fb691","lessThan":"cf9db013e167bc8fc2ecd7a13ed97a37df0c9dab","status":"affected","versionType":"git"},{"version":"e631ddba588783edd521c5a89f7b2902772fb691","lessThan":"69295267c481545f636b69ff341b8db75aa136b9","status":"affected","versionType":"git"},{"version":"e631ddba588783edd521c5a89f7b2902772fb691","lessThan":"c14adb1cf70a984ed081c67e9d27bc3caad9537c","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/jffs2/fs.c"],"versions":[{"version":"2.6.15","status":"affected"},{"version":"0","lessThan":"2.6.15","status":"unaffected","versionType":"semver"},{"version":"4.9.318","lessThanOrEqual":"4.9.*","status":"unaffected","versionType":"semver"},{"version":"4.14.283","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.247","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.198","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.122","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.47","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.17.15","lessThanOrEqual":"5.17.*","status":"unaffected","versionType":"semver"},{"version":"5.18.4","lessThanOrEqual":"5.18.*","status":"unaffected","versionType":"semver"},{"version":"5.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"4.9.318"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"4.14.283"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"4.19.247"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"5.4.198"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"5.10.122"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"5.15.47"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"5.17.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"5.18.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"5.19"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/4ba7bbeab8009faf3a726e565d98816593ddd5b0"},{"url":"https://git.kernel.org/stable/c/4da8763a3d2b684c773b72ed80fad40bc264bc40"},{"url":"https://git.kernel.org/stable/c/28048a4cf3813b7cf5cc8cce629dfdc7951cb1c2"},{"url":"https://git.kernel.org/stable/c/d3a4fff1e7e408c32649030daa7c2c42a7e19a95"},{"url":"https://git.kernel.org/stable/c/3252d327f977b14663a10967f3b0930d6c325687"},{"url":"https://git.kernel.org/stable/c/ecc53e58596542791e82eff00702f8af7a313f70"},{"url":"https://git.kernel.org/stable/c/cf9db013e167bc8fc2ecd7a13ed97a37df0c9dab"},{"url":"https://git.kernel.org/stable/c/69295267c481545f636b69ff341b8db75aa136b9"},{"url":"https://git.kernel.org/stable/c/c14adb1cf70a984ed081c67e9d27bc3caad9537c"}],"title":"jffs2: fix memory leak in jffs2_do_fill_super","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"id":"CVE-2022-49381","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2025-10-01T19:41:55.283015Z"}}}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-401","description":"CWE-401 Missing Release of Memory after Effective Lifetime"}]}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-01T19:46:52.106Z"}}]}}