๐Ÿ” CVE Alert

CVE-2022-50751

UNKNOWN 0.0

configfs: fix possible memory leak in configfs_create_dir()

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: configfs: fix possible memory leak in configfs_create_dir() kmemleak reported memory leaks in configfs_create_dir(): unreferenced object 0xffff888009f6af00 (size 192): comm "modprobe", pid 3777, jiffies 4295537735 (age 233.784s) backtrace: kmem_cache_alloc (mm/slub.c:3250 mm/slub.c:3256 mm/slub.c:3263 mm/slub.c:3273) new_fragment (./include/linux/slab.h:600 fs/configfs/dir.c:163) configfs_register_subsystem (fs/configfs/dir.c:1857) basic_write (drivers/hwtracing/stm/p_basic.c:14) stm_p_basic do_one_initcall (init/main.c:1296) do_init_module (kernel/module/main.c:2455) ... unreferenced object 0xffff888003ba7180 (size 96): comm "modprobe", pid 3777, jiffies 4295537735 (age 233.784s) backtrace: kmem_cache_alloc (mm/slub.c:3250 mm/slub.c:3256 mm/slub.c:3263 mm/slub.c:3273) configfs_new_dirent (./include/linux/slab.h:723 fs/configfs/dir.c:194) configfs_make_dirent (fs/configfs/dir.c:248) configfs_create_dir (fs/configfs/dir.c:296) configfs_attach_group.isra.28 (fs/configfs/dir.c:816 fs/configfs/dir.c:852) configfs_register_subsystem (fs/configfs/dir.c:1881) basic_write (drivers/hwtracing/stm/p_basic.c:14) stm_p_basic do_one_initcall (init/main.c:1296) do_init_module (kernel/module/main.c:2455) ... This is because the refcount is not correct in configfs_make_dirent(). For normal stage, the refcount is changing as: configfs_register_subsystem() configfs_create_dir() configfs_make_dirent() configfs_new_dirent() # set s_count = 1 dentry->d_fsdata = configfs_get(sd); # s_count = 2 ... configfs_unregister_subsystem() configfs_remove_dir() remove_dir() configfs_remove_dirent() # s_count = 1 dput() ... *dentry_unlink_inode()* configfs_d_iput() # s_count = 0, release However, if we failed in configfs_create(): configfs_register_subsystem() configfs_create_dir() configfs_make_dirent() # s_count = 2 ... configfs_create() # fail ->out_remove: configfs_remove_dirent(dentry) configfs_put(sd) # s_count = 1 return PTR_ERR(inode); There is no inode in the error path, so the configfs_d_iput() is lost and makes sd and fragment memory leaked. To fix this, when we failed in configfs_create(), manually call configfs_put(sd) to keep the refcount correct.

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Dec 24, 2025
Last Updated May 11, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Linux / Linux
7063fbf2261194f72ee75afca67b3b38b554b5fa < 90c38f57a821499391526b15cc944c265bd24e48 7063fbf2261194f72ee75afca67b3b38b554b5fa < 74ac7c9ee2d486c501e7864c903f5098fc477acd 7063fbf2261194f72ee75afca67b3b38b554b5fa < 07f82dca112262b169bec0001378126439cab776 7063fbf2261194f72ee75afca67b3b38b554b5fa < 8bc77754224a2c8581727ffe2e958119b4e27c8f 7063fbf2261194f72ee75afca67b3b38b554b5fa < c72eb6e6e49a71f7598740786568fafdd013a227 7063fbf2261194f72ee75afca67b3b38b554b5fa < c65234b283a65cfbfc94619655e820a5e55199eb
Linux / Linux
2.6.16

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/90c38f57a821499391526b15cc944c265bd24e48 git.kernel.org: https://git.kernel.org/stable/c/74ac7c9ee2d486c501e7864c903f5098fc477acd git.kernel.org: https://git.kernel.org/stable/c/07f82dca112262b169bec0001378126439cab776 git.kernel.org: https://git.kernel.org/stable/c/8bc77754224a2c8581727ffe2e958119b4e27c8f git.kernel.org: https://git.kernel.org/stable/c/c72eb6e6e49a71f7598740786568fafdd013a227 git.kernel.org: https://git.kernel.org/stable/c/c65234b283a65cfbfc94619655e820a5e55199eb