CVE-2022-50765 — Vulnetix

CVE-2022-50765 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xff2000000403d000 (size 4096): comm "kexec", pid 146, jiffies 4294900633 (age 64.792s) hex dump (first 32 bytes): 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 .ELF............ 04 00 f3 00 01 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000566ca97c>] kmemleak_vmalloc+0x3c/0xbe [<00000000979283d8>] __vmalloc_node_range+0x3ac/0x560 [<00000000b4b3712a>] __vmalloc_node+0x56/0x62 [<00000000854f75e2>] vzalloc+0x2c/0x34 [<00000000e9a00db9>] crash_prepare_elf64_headers+0x80/0x30c [<0000000067e8bf48>] elf_kexec_load+0x3e8/0x4ec [<0000000036548e09>] kexec_image_load_default+0x40/0x4c [<0000000079fbe1b4>] sys_kexec_file_load+0x1c4/0x322 [<0000000040c62c03>] ret_from_syscall+0x0/0x2 In elf_kexec_load(), a buffer is allocated via vzalloc() to store elf headers. While it's not freed back to system when kdump kernel is reloaded or unloaded, or when image->elf_header is successfully set and then fails to load kdump kernel for some reason. Fix it by freeing the buffer in arch_kimage_file_post_load_cleanup().

EPSS 0.03% · 6.7th percentile

Risk Scores

EPSS Score

0.03%

6.7th percentile

Affected Products

Vendor	Product	Versions
Linux	Linux	8acea455fafaf2620b247de6c00774828b618a82, 8acea455fafaf2620b247de6c00774828b618a82, 8acea455fafaf2620b247de6c00774828b618a82
linux	linux_kernel	5.19, 5.19, 5.19

Timeline

Dec 24, 2025 CVE Published
Dec 25, 2025 EPSS Score
Dec 28, 2025 EPSS Score
Dec 31, 2025 EPSS Score
Jan 3, 2026 EPSS Score
Jan 6, 2026 EPSS Score
Jan 10, 2026 EPSS Score
Jan 13, 2026 EPSS Score
Jan 16, 2026 EPSS Score
Jan 19, 2026 EPSS Score
Jan 22, 2026 EPSS Score
Jan 25, 2026 EPSS Score

References

Open in Interactive Console →