{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-50170", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-06-18T10:57:27.426Z", "datePublished": "2025-06-18T11:03:23.031Z", "dateUpdated": "2025-06-18T11:03:23.031Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-06-18T11:03:23.031Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkunit: executor: Fix a memory leak on failure in kunit_filter_tests\n\nIt's possible that memory allocation for 'filtered' will fail, but for the\ncopy of the suite to succeed. In this case, the copy could be leaked.\n\nProperly free 'copy' in the error case for the allocation of 'filtered'\nfailing.\n\nNote that there may also have been a similar issue in\nkunit_filter_subsuites, before it was removed in \"kunit: flatten\nkunit_suite*** to kunit_suite** in .kunit_test_suites\".\n\nThis was reported by clang-analyzer via the kernel test robot, here:\nhttps://lore.kernel.org/all/[email protected]/\n\nAnd by smatch via Dan Carpenter and the kernel test robot:\nhttps://lore.kernel.org/all/[email protected]/"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["lib/kunit/executor.c"], "versions": [{"version": "bd8b222a0002872bb229f6c755672a093ef93ea4", "lessThan": "a8a7e3ced362b88b659ab54239990196ff975982", "status": "affected", "versionType": "git"}, {"version": "a02353f491622e49c7ddedc6a6dc4f1d6ed2150a", "lessThan": "7d69764fa3442c7615a75c6b5c02eaa1f274bccf", "status": "affected", "versionType": "git"}, {"version": "a02353f491622e49c7ddedc6a6dc4f1d6ed2150a", "lessThan": "94681e289bf5d10c9db9db143d1a22d8717205c5", "status": "affected", "versionType": "git"}, {"version": "80cf4932c2545bc231e933d869511008c36af1e0", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["lib/kunit/executor.c"], "versions": [{"version": "5.19", "status": "affected"}, {"version": "0", "lessThan": "5.19", "status": "unaffected", "versionType": "semver"}, {"version": "5.18.18", "lessThanOrEqual": "5.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19.2", "lessThanOrEqual": "5.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18.3", "versionEndExcluding": "5.18.18"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "5.19.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.0"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.17.14"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/a8a7e3ced362b88b659ab54239990196ff975982"}, {"url": "https://git.kernel.org/stable/c/7d69764fa3442c7615a75c6b5c02eaa1f274bccf"}, {"url": "https://git.kernel.org/stable/c/94681e289bf5d10c9db9db143d1a22d8717205c5"}], "title": "kunit: executor: Fix a memory leak on failure in kunit_filter_tests", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "53441672-E856-4C9B-92DD-20B8133BE921", "versionEndExcluding": "5.18", "versionStartIncluding": "5.17.14", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A271EA6-471F-4DDD-955D-AA1DB01A48A5", "versionEndExcluding": "5.18.18", "versionStartIncluding": "5.18.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1A2A5A5-4598-4D7E-BA07-4660398D6C8F", "versionEndExcluding": "5.19.2", "versionStartIncluding": "5.19", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkunit: executor: Fix a memory leak on failure in kunit_filter_tests\n\nIt's possible that memory allocation for 'filtered' will fail, but for the\ncopy of the suite to succeed. In this case, the copy could be leaked.\n\nProperly free 'copy' in the error case for the allocation of 'filtered'\nfailing.\n\nNote that there may also have been a similar issue in\nkunit_filter_subsuites, before it was removed in \"kunit: flatten\nkunit_suite*** to kunit_suite** in .kunit_test_suites\".\n\nThis was reported by clang-analyzer via the kernel test robot, here:\nhttps://lore.kernel.org/all/[email protected]/\n\nAnd by smatch via Dan Carpenter and the kernel test robot:\nhttps://lore.kernel.org/all/[email protected]/"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: kunit: executor: Se corrige una fuga de memoria en caso de fallo en kunit_filter_tests. Es posible que la asignaci\u00f3n de memoria para \"filtered\" falle, pero que la copia de la suite se realice correctamente. En este caso, la copia podr\u00eda sufrir una fuga. Libere correctamente \"copy\" en caso de error en caso de fallo en la asignaci\u00f3n de \"filtered\". Tenga en cuenta que tambi\u00e9n podr\u00eda haber existido un problema similar en kunit_filter_subsuites, antes de que se eliminara en \"kunit: flatten kunit_suite*** to kunit_suite** in .kunit_test_suites\". Esto fue informado por clang-analyzer a trav\u00e9s del robot de pruebas del kernel, aqu\u00ed: https://lore.kernel.org/all/[email protected]/ Y por smatch a trav\u00e9s de Dan Carpenter y el robot de pruebas del kernel: https://lore.kernel.org/all/[email protected]/"}], "id": "CVE-2022-50170", "lastModified": "2025-11-28T14:46:10.813", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2025-06-18T11:15:47.340", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7d69764fa3442c7615a75c6b5c02eaa1f274bccf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/94681e289bf5d10c9db9db143d1a22d8717205c5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a8a7e3ced362b88b659ab54239990196ff975982"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: kunit: executor: Fix a memory leak on failure in kunit_filter_tests", "id": "2373631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373631"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nkunit: executor: Fix a memory leak on failure in kunit_filter_tests\nIt's possible that memory allocation for 'filtered' will fail, but for the\ncopy of the suite to succeed. In this case, the copy could be leaked.\nProperly free 'copy' in the error case for the allocation of 'filtered'\nfailing.\nNote that there may also have been a similar issue in\nkunit_filter_subsuites, before it was removed in \"kunit: flatten\nkunit_suite*** to kunit_suite** in .kunit_test_suites\".\nThis was reported by clang-analyzer via the kernel test robot, here:\nhttps://lore.kernel.org/all/[email protected]/\nAnd by smatch via Dan Carpenter and the kernel test robot:\nhttps://lore.kernel.org/all/[email protected]/"], "name": "CVE-2022-50170", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-06-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-50170\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50170\nhttps://lore.kernel.org/linux-cve-announce/2025061829-CVE-2022-50170-6904@gregkh/T"], "threat_severity": "Low"}