CVE-2022-49912

btrfs: fix ulist leaks in error paths of qgroup self tests

Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix ulist leaks in error paths of qgroup self tests In the test_no_shared_qgroup() and test_multiple_refs() qgroup self tests, if we fail to add the tree ref, remove the extent item or remove the extent ref, we are returning from the test function without freeing the "old_roots" ulist that was allocated by the previous calls to btrfs_find_all_roots(). Fix that by calling ulist_free() before returning.

N/A
CVSS
Severity:
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/d81370396025cf63a7a1b5f8bb25a3479203b2ca
https://git.kernel.org/stable/c/3f58283d83a588ff5da62fc150de19e798ed2ec2
https://git.kernel.org/stable/c/203204798831c35d855ecc6417d98267d2d2184b
https://git.kernel.org/stable/c/5d1a47ebf84540e40b5b43fc21aef0d6c0f627d9
https://git.kernel.org/stable/c/0a0dead4ad1a2e2a9bdf133ef45111d7c8daef84
https://git.kernel.org/stable/c/f46ea5fa3320dca4fe0c0926b49a5f14cb85de62
https://git.kernel.org/stable/c/da7003434bcab0ae9aba3f2c003e734cae093326
https://git.kernel.org/stable/c/d37de92b38932d40e4a251e876cc388f9aee5f42

Frequently Asked Questions

What is the severity of CVE-2022-49912?
CVE-2022-49912 has not yet been assigned a CVSS score.
How to fix CVE-2022-49912?
To fix CVE-2022-49912, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49912 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-49912 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49912?
CVE-2022-49912 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.