SB20251230114 - Memory leak in Linux kernel rapidio driver

Description

This security bulletin contains information about 1 security vulnerability.

1) Memory leak (CVE-ID: CVE-2022-50857)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the rio_register_mport() function in drivers/rapidio/rio.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/0a71344f99289250e4d5b8adbac76f444485c840
• https://git.kernel.org/stable/c/117fede82e9d6ea3de30746d500eb5edc2eb8310
• https://git.kernel.org/stable/c/1bbad5793f404cf218757e3beb600eca6080330f
• https://git.kernel.org/stable/c/4ddbeae5f224d924cf0b12460dda88c7480aa452
• https://git.kernel.org/stable/c/97d9eb45ffa67ffa112a6659953321b8f7db0065
• https://git.kernel.org/stable/c/9abba4aa60874c5216fc8de7dededadc791de696
• https://git.kernel.org/stable/c/a47de2fd3f88a7788be19f94ade72c2244a98045
• https://git.kernel.org/stable/c/a73a626c0510d203e369aeb26c4d6ec9c75af027
• https://git.kernel.org/stable/c/e92a216d16bde65d21a3227e0fb2aa0794576525
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.303
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.270
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.337
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.163
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.86
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.229
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.16
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2