Memory Leak in Linux Kernel's Floppy Disk Driver
CVE-2022-50342

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 September 2025

What is CVE-2022-50342?

A memory leak vulnerability was identified in the Linux kernel's floppy disk driver during the floppy initialization process. Specifically, when the floppy_alloc_disk() function fails in the do_floppy_init() sequence, it results in allocated memory not being released properly. This occurs because the error handling path does not deallocate the set->tag allocated during the disk initialization loop. A fix has been implemented to ensure that the set->tag is freed before an error recovery, mitigating potential resource exhaustion and improving system stability.

Affected Version(s)

Linux 302cfee150291c6cd85b1ca197d062d0b423d09c

Linux 302cfee150291c6cd85b1ca197d062d0b423d09c < 75d8c8851a4da0190c2480e84315b5fd3d0356c5

Linux 302cfee150291c6cd85b1ca197d062d0b423d09c < 55b3c66a0d441cd37154ae95e44d0b82ccfd580e

References

https://git.kernel.org/stable/c/f36d8c8651506aea5f09899f5...
https://git.kernel.org/stable/c/75d8c8851a4da0190c2480e84...
https://git.kernel.org/stable/c/55b3c66a0d441cd37154ae95e...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-50342 : Memory Leak in Linux Kernel's Floppy Disk Driver