Vulnerability Database

309,237

Total vulnerabilities in the database

CVE-2022-50046

In the Linux kernel, the following vulnerability has been resolved:

net/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change()

The issue happens on some error handling paths. When the function fails to grab the object xprt, it simply returns 0, forgetting to decrease the reference count of another object xps, which is increased by rpc_sysfs_xprt_kobj_get_xprt_switch(), causing refcount leaks. Also, the function forgets to check whether xps is valid before using it, which may result in NULL-dereferencing issues.

Fix it by adding proper error handling code when either xprt or xps is NULL.

Published: Jun 18, 2025
Updated: Nov 14, 2025
CVE: CVE-2022-50046
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-401

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	5.14	5.15.63
linux / linux_kernel	5.16	5.19.4
linux / linux_kernel	6.0-rc1	6.0-rc1.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo