{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T05:04:57.235","vulnerabilities":[{"cve":{"id":"CVE-2022-49080","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-02-26T07:00:45.347","lastModified":"2025-09-23T18:32:22.770","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mempolicy: fix mpol_new leak in shared_policy_replace\n\nIf mpol_new is allocated but not used in restart loop, mpol_new will be\nfreed via mpol_put before returning to the caller.  But refcnt is not\ninitialized yet, so mpol_put could not do the right things and might\nleak the unused mpol_new.  This would happen if mempolicy was updated on\nthe shared shmem file while the sp->lock has been dropped during the\nmemory allocation.\n\nThis issue could be triggered easily with the below code snippet if\nthere are many processes doing the below work at the same time:\n\n  shmid = shmget((key_t)5566, 1024 * PAGE_SIZE, 0666|IPC_CREAT);\n  shm = shmat(shmid, 0, 0);\n  loop many times {\n    mbind(shm, 1024 * PAGE_SIZE, MPOL_LOCAL, mask, maxnode, 0);\n    mbind(shm + 128 * PAGE_SIZE, 128 * PAGE_SIZE, MPOL_DEFAULT, mask,\n          maxnode, 0);\n  }"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/mempolicy: arregla la fuga de mpol_new en shared_policy_replace Si mpol_new se asigna pero no se usa en el bucle de reinicio, mpol_new se liberará a través de mpol_put antes de regresar al llamador. Pero refcnt aún no se ha inicializado, por lo que mpol_put no podría hacer las cosas correctas y podría filtrar el mpol_new no utilizado. Esto sucedería si mempolicy se actualizara en el archivo shmem compartido mientras se eliminaba sp->lock durante la asignación de memoria. Este problema se podría activar fácilmente con el siguiente fragmento de código si hay muchos procesos haciendo el siguiente trabajo al mismo tiempo: shmid = shmget((key_t)5566, 1024 * PAGE_SIZE, 0666|IPC_CREAT); shm = shmat(shmid, 0, 0); repetir muchas veces { mbind(shm, 1024 * PAGE_SIZE, MPOL_LOCAL, mask, maxnode, 0); mbind(shm + 128 * PAGE_SIZE, 128 * PAGE_SIZE, MPOL_DEFAULT, mask, maxnode, 0); }"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8.1","versionEndExcluding":"4.9.311","matchCriteriaId":"C95B5F4F-421D-43B3-98BF-C395D41D59BC"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"4.14.276","matchCriteriaId":"6D9B028C-6313-47F9-94B7-5F8122345E49"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.238","matchCriteriaId":"FA28527A-11D3-41D2-9C4C-ECAC0D6A4A2D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.189","matchCriteriaId":"8CB6E8F5-C2B1-46F3-A807-0F6104AC340F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.111","matchCriteriaId":"96258501-7BCE-4C55-8A38-8AC9D327626D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.34","matchCriteriaId":"D25878D3-7761-4E9F-8919-E92CD53896E0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"5.16.20","matchCriteriaId":"ABBBA66E-0244-4621-966B-9790AF1EEB00"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"5.17.3","matchCriteriaId":"AE420AC7-1E59-4398-B84F-71F4B4337762"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.8:-:*:*:*:*:*:*","matchCriteriaId":"BEE536AD-20BA-4893-AF2B-B6CF446F5FB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.8:rc2:*:*:*:*:*:*","matchCriteriaId":"30456934-2CAE-4F0C-B361-4E2C10DE8DD8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.8:rc3:*:*:*:*:*:*","matchCriteriaId":"6E108893-AAAF-48F4-9376-71AC33C7A40E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.8:rc4:*:*:*:*:*:*","matchCriteriaId":"AC348729-8654-4178-851F-5C4BE4B5C806"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.8:rc5:*:*:*:*:*:*","matchCriteriaId":"1A29F057-1966-4A35-83AE-844FF160388B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.8:rc6:*:*:*:*:*:*","matchCriteriaId":"FC426C5C-DA23-494D-888F-4E3712EBA3E2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.8:rc7:*:*:*:*:*:*","matchCriteriaId":"70810C1C-2B24-47DF-9357-E9D755D1BE99"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*","matchCriteriaId":"6AD94161-84BB-42E6-9882-4FC0C42E9FC1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/198932a14aeb19a15cf19e51e151d023bc4cd648","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/25f506273b6ae806fd46bfcb6fdaa5b9ec81a05b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/39a32f3c06f6d68a530bf9612afa19f50f12e93d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4ad099559b00ac01c3726e5c95dc3108ef47d03e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5e16dc5378abd749a836daa9ee4ab2c8d2668999","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6e00309ac716fa8225f0cbde2cd9c24f0e74ee21","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8510c2346d9e47a72b7f018a36ef0c39483e53d6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f7e183b0a7136b6dc9c7b9b2a85a608a8feba894","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fe39ac59dbbf893b73b24e3184161d0bd06d6651","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}