SB20251230122 - Memory leak in Linux kernel nfsd
Published: December 30, 2025 Updated: December 31, 2025
Security Bulletin ID
SB20251230122
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-50861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfsaclsvc_encode_getaclres() function in fs/nfsd/nfs2acl.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/2b825efb0577a32a872e872a869e0947cf9dd6d3
- https://git.kernel.org/stable/c/5030d4d2bf8b6f6f3d16401ab92a88bc5aa2377a
- https://git.kernel.org/stable/c/a20b0abab966a189a79aba6ebf41f59024a3224d
- https://git.kernel.org/stable/c/d5b867fd2d7f79630b1a2906a7bb4f4b75bf297a
- https://git.kernel.org/stable/c/ea5021e911d3479346a75ac9b7d9dcd751b0fb99
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.220
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.86
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2