Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session() 'vc_ctrl_req' is alloced in virtio_crypto_alg_skcipher_close_session(), and should be freed in the invalid ctrl_status->status error handling case. Otherwise there is a memory leak.
References
- https://git.kernel.org/stable/c/0871df190fe6723464efe0f493d476411616f553
- https://git.kernel.org/stable/c/67fb59ff1384e338679c0eb7a43c83ce8868c9fa
- https://git.kernel.org/stable/c/79026a2d0a1b080257773d22a493f9bcab8c65be
- https://git.kernel.org/stable/c/b1d65f717cd6305a396a8738e022c6f7c65cfbe8
FAQ
What is CVE-2022-50707?
CVE-2022-50707 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session() 'vc_ctrl_req' is alloced in virtio_crypto_alg_skciphe...
How severe is CVE-2022-50707?
CVSS scoring is not yet available for CVE-2022-50707. Check NVD for updates.
Is there a patch for CVE-2022-50707?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.