CVE-2022-50134

RDMA/hfi1: fix potential memory leak in setup_base_ctxt()

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memory leak in setup_base_ctxt() setup_base_ctxt() allocates a memory chunk for uctxt->groups with hfi1_alloc_ctxt_rcv_groups(). When init_user_ctxt() fails, uctxt->groups is not released, which will lead to a memory leak. We should release the uctxt->groups with hfi1_free_ctxt_rcv_groups() when init_user_ctxt() fails.

N/A
CVSS
Severity:
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/fc4de8009fd6c2ca51986c6757efa964040e7d02
https://git.kernel.org/stable/c/90ef48a718f88935d4af53d7dadd1ceafe103ce6
https://git.kernel.org/stable/c/2f90813f1c21c3d780585390af961bd17c8515ae
https://git.kernel.org/stable/c/a85c7dd1edadcdeca24e603a6618153a3bcc81ca
https://git.kernel.org/stable/c/e25b828553aecb3185a8d8d0c4f9b4e133fb5db6
https://git.kernel.org/stable/c/1750be1e9f18787cf717c24dbc5fa029fc372a22
https://git.kernel.org/stable/c/a9055dfe437efae77e28e57205437c878a03ccb7
https://git.kernel.org/stable/c/aa2a1df3a2c85f855af7d54466ac10bd48645d63

Frequently Asked Questions

What is the severity of CVE-2022-50134?
CVE-2022-50134 has not yet been assigned a CVSS score.
How to fix CVE-2022-50134?
To fix CVE-2022-50134, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-50134 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-50134 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-50134?
CVE-2022-50134 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.