CVE-2022-50201

medium

Description

In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in security_read_state_kernel() In this function, it directly returns the result of __security_read_policy without freeing the allocated memory in *data, cause memory leak issue, so free the memory if __security_read_policy failed. [PM: subject line tweak]

References

https://git.kernel.org/stable/c/f3cd7562c0a6774fc62d79654482014020e574f5

https://git.kernel.org/stable/c/c877c5217145bda8fd95f506bf42f8d981afa57d

https://git.kernel.org/stable/c/73de1befcc53a7c68b0c5e76b9b5ac41c517760f

https://git.kernel.org/stable/c/1fc1f72aad2070d34022d0823e4cf09706b53f25

Details

Source: Mitre, NVD

Published: 2025-06-18

Updated: 2025-06-18

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018