vulnerability

Debian: CVE-2022-49912: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	May 1, 2025	May 5, 2025	Mar 30, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

May 1, 2025

Added

May 5, 2025

Modified

Mar 30, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix ulist leaks in error paths of qgroup self tests

In the test_no_shared_qgroup() and test_multiple_refs() qgroup self tests,
if we fail to add the tree ref, remove the extent item or remove the
extent ref, we are returning from the test function without freeing the
"old_roots" ulist that was allocated by the previous calls to
btrfs_find_all_roots(). Fix that by calling ulist_free() before returning.

Solution

debian-upgrade-linux

References

CVE-2022-49912
https://attackerkb.com/topics/CVE-2022-49912
CWE-401
EUVD-EUVD-2025-12870
https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-12870

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report