SB2025122650 - Memory leak in Linux kernel orangefs
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB2025122650
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-50779)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the orangefs_kernel_debug_init() and orangefs_prepare_debugfs_help_string() functions in fs/orangefs/orangefs-debugfs.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/19be31668552a198e887762e25bdcc560800ecb4
- https://git.kernel.org/stable/c/2e7c09121064df93c58bbc49d3d0f608d3f584bd
- https://git.kernel.org/stable/c/39529b79b023713d4f2d3479dc0ca43ba99df726
- https://git.kernel.org/stable/c/3fc221d9a16339a913a0341d3efc7fef339073e1
- https://git.kernel.org/stable/c/44d3eac26a5e5268d11cc342dc202b0d31505c0a
- https://git.kernel.org/stable/c/b8affa0c6405ee968dcb6030bee2cf719a464752
- https://git.kernel.org/stable/c/ba9d3b9cec20957fd86bb1bf525b4ea8b64b2dea
- https://git.kernel.org/stable/c/d23417a5bf3a3afc55de5442eb46e1e60458b0a1
- https://git.kernel.org/stable/c/f2b8a6aac561a49fe02c99683c40a8b87a9f68fc
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.303