{"id":"CVE-2022-50569","summary":"xfrm: Update ipcomp_scratches with NULL when freed","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Update ipcomp_scratches with NULL when freed\n\nCurrently if ipcomp_alloc_scratches() fails to allocate memory\nipcomp_scratches holds obsolete address. So when we try to free the\npercpu scratches using ipcomp_free_scratches() it tries to vfree non\nexistent vm area. Described below:\n\nstatic void * __percpu *ipcomp_alloc_scratches(void)\n{\n        ...\n        scratches = alloc_percpu(void *);\n        if (!scratches)\n                return NULL;\nipcomp_scratches does not know about this allocation failure.\nTherefore holding the old obsolete address.\n        ...\n}\n\nSo when we free,\n\nstatic void ipcomp_free_scratches(void)\n{\n        ...\n        scratches = ipcomp_scratches;\nAssigning obsolete address from ipcomp_scratches\n\n        if (!scratches)\n                return;\n\n        for_each_possible_cpu(i)\n               vfree(*per_cpu_ptr(scratches, i));\nTrying to free non existent page, causing warning: trying to vfree\nexistent vm area.\n        ...\n}\n\nFix this breakage by updating ipcomp_scrtches with NULL when scratches\nis freed","modified":"2026-03-20T11:47:31.612862Z","published":"2025-10-22T13:23:25.810Z","related":["SUSE-SU-2025:4515-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50569.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/03155680191ef0f004b1d6a5714c5b8cd271ab61"},{"type":"WEB","url":"https://git.kernel.org/stable/c/18373ed500f7cd53e24d9b0bd0f1c09d78dba87e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1e8abde895b3ac6a368cbdb372e8800c49e73a28"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2c19945ce8095d065df550e7fe350cd5cc40c6e6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8a04d2fc700f717104bfb95b0f6694e448a4537f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a39f456d62810c0efb43cead22f98d95b53e4b1a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/be81c44242b20fc3bdcc73480ef8aaee56f5d0b6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/debca61df6bc2f65e020656c9c5b878d6b38d30f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f3bdba4440d82e0da2b1bfc35d3836c8a8e00677"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50569.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50569"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"},{"fixed":"debca61df6bc2f65e020656c9c5b878d6b38d30f"},{"fixed":"a39f456d62810c0efb43cead22f98d95b53e4b1a"},{"fixed":"1e8abde895b3ac6a368cbdb372e8800c49e73a28"},{"fixed":"18373ed500f7cd53e24d9b0bd0f1c09d78dba87e"},{"fixed":"be81c44242b20fc3bdcc73480ef8aaee56f5d0b6"},{"fixed":"03155680191ef0f004b1d6a5714c5b8cd271ab61"},{"fixed":"f3bdba4440d82e0da2b1bfc35d3836c8a8e00677"},{"fixed":"2c19945ce8095d065df550e7fe350cd5cc40c6e6"},{"fixed":"8a04d2fc700f717104bfb95b0f6694e448a4537f"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50569.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.6.12"},{"fixed":"4.9.331"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.10.0"},{"fixed":"4.14.296"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.262"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.220"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.150"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.75"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"5.19.17"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.20.0"},{"fixed":"6.0.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50569.json"}}],"schema_version":"1.7.5"}