Memory Leak in CIFS Implementation of Linux Kernel
CVE-2022-50372

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 17 September 2025

What is CVE-2022-50372?

A memory leak vulnerability in the CIFS (Common Internet File System) implementation of the Linux kernel occurs when the ntlmssp negotiate blob fails during the mounting process. This flaw leads to unreferenced objects remaining allocated in memory, which can degrade system performance over time. Proper handling of session setup requests is essential to prevent memory leaks in such scenarios.

Affected Version(s)

Linux 49bd49f983b5026e4557d31c5d737d9657c4113e

Linux 49bd49f983b5026e4557d31c5d737d9657c4113e < 30b2d7f8f13664655480d6af45f60270b3eb6736

Linux 5.16

References

https://git.kernel.org/stable/c/fa5a70bdd5e565c8696fb04df...

https://git.kernel.org/stable/c/30b2d7f8f13664655480d6af4...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 17, 2025
Vulnerability Reserved
Sep 17, 2025