CVE-2022-49801 in Linux
Sumário
de VulDB • 11/05/2026
No kernel do Linux, a seguinte vulnerabilidade foi corrigida:
tracing: Corrige vazamento de memória em tracing_read_pipe()
O kmemleak reporta este problema:
objeto não referenciado 0xffff888105a18900 (tamanho 128): comm "test_progs", pid 18933, jiffies 4336275356 (idade 22801.766s) dump hexadecimal (primeiros 32 bytes): 25 73 00 90 81 88 ff ff 26 05 00 00 42 01 58 04 %s......&...B.X. 03 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000560143a1>] __kmalloc_node_track_caller+0x4a/0x140
[<000000006af00822>] krealloc+0x8d/0xf0
[<00000000c309be6a>] trace_iter_expand_format+0x99/0x150
[<000000005a53bdb6>] trace_check_vprintf+0x1e0/0x11d0
[<0000000065629d9d>] trace_event_printf+0xb6/0xf0
[<000000009a690dc7>] trace_raw_output_bpf_trace_printk+0x89/0xc0
[<00000000d22db172>] print_trace_line+0x73c/0x1480
[<00000000cdba76ba>] tracing_read_pipe+0x45c/0x9f0
[<0000000015b58459>] vfs_read+0x17b/0x7c0
[<000000004aeee8ed>] ksys_read+0xed/0x1c0
[<0000000063d3d898>] do_syscall_64+0x3b/0x90
[<00000000a06dda7f>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
iter->fmt alocado em tracing_read_pipe() -> .. -> trace_iter_expand_format(), mas não liberado, para corrigir, adicione free em tracing_release_pipe()
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.