Memory Leak Vulnerability in Linux Kernel's SMB2 Negotiation Process
CVE-2022-49938

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 June 2025

What is CVE-2022-49938?

A memory leak was identified in the Linux kernel's SMB2_negotiate function, where improper error handling in cases of dialect mismatches could prevent the release of response buffers. This issue could lead to exhaustion of memory resources over time, potentially impacting system stability and performance.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9e3c9efa7caf16e5acc05eab5e4d0a714e1610b0

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 38a6b469bf22f153282fbe7d702a24e9eb43f50e

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 27893dfc1285f80f80f46b3b8c95f5d15d2e66d0

References

https://git.kernel.org/stable/c/9e3c9efa7caf16e5acc05eab5...

https://git.kernel.org/stable/c/38a6b469bf22f153282fbe7d7...

https://git.kernel.org/stable/c/27893dfc1285f80f80f46b3b8...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2025
Vulnerability Reserved
May 1, 2025