vulnerability
Debian: CVE-2022-49801: linux -- security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | May 1, 2025 | May 5, 2025 | May 27, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
tracing: Fix memory leak in tracing_read_pipe()
kmemleak reports this issue:
unreferenced object 0xffff888105a18900 (size 128):
comm "test_progs", pid 18933, jiffies 4336275356 (age 22801.766s)
hex dump (first 32 bytes):
25 73 00 90 81 88 ff ff 26 05 00 00 42 01 58 04 %s......&...B.X.
03 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[] __kmalloc_node_track_caller+0x4a/0x140
[] krealloc+0x8d/0xf0
[] trace_iter_expand_format+0x99/0x150
[] trace_check_vprintf+0x1e0/0x11d0
[] trace_event_printf+0xb6/0xf0
[] trace_raw_output_bpf_trace_printk+0x89/0xc0
[] print_trace_line+0x73c/0x1480
[] tracing_read_pipe+0x45c/0x9f0
[] vfs_read+0x17b/0x7c0
[] ksys_read+0xed/0x1c0
[] do_syscall_64+0x3b/0x90
[] entry_SYSCALL_64_after_hwframe+0x63/0xcd
iter->fmt alloced in
tracing_read_pipe() -> .. ->trace_iter_expand_format(), but not
freed, to fix, add free in tracing_release_pipe()
Solution(s)
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.