SB20251230129 - Memory leak in Linux kernel dsa
Published: December 30, 2025 Updated: December 31, 2025
Security Bulletin ID
SB20251230129
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-50837)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dsa_tag_8021q_teardown() and dsa_tag_8021q_register() functions in net/dsa/tag_8021q.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/09f30f394e832ed09859b6a80fdd20668a9104ff
- https://git.kernel.org/stable/c/14ed46a13aba42a6ddd85de6f6274090df3586a5
- https://git.kernel.org/stable/c/39691d51af99f80efb9e365f94b8e0c791fa1a2f
- https://git.kernel.org/stable/c/e095493091e850d5292ad01d8fbf5cde1d89ac53
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.86
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2