CVE-2022-49938 Information
Jun 19, 2025
cve
Description
In the Linux kernel the following vulnerability has been resolved:
cifs: fix small mempool leak in SMB2_negotiate()
In some cases of failure (dialect mismatches) in SMB2_negotiate() after the request is sent the checks would return -EIO when they should be rather setting rc = -EIO and jumping to neg_exit to free the response buffer from mempool.
Reference
https://git.kernel.org/stable/c/27893dfc1285f80f80f46b3b8c95f5d15d2e66d0 https://git.kernel.org/stable/c/38a6b469bf22f153282fbe7d702a24e9eb43f50e https://git.kernel.org/stable/c/9e3c9efa7caf16e5acc05eab5e4d0a714e1610b0
Related CNNVD
CNNVD-202506-2226 (Published: 2025-06-18)
Share on: