U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2022-50569 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcomp_scratches with NULL when freed Currently if ipcomp_alloc_scratches() fails to allocate memory ipcomp_scratches holds obsolete address. So when we try to free the percpu scratches using ipcomp_free_scratches() it tries to vfree non existent vm area. Described below: static void * __percpu *ipcomp_alloc_scratches(void) { ... scratches = alloc_percpu(void *); if (!scratches) return NULL; ipcomp_scratches does not know about this allocation failure. Therefore holding the old obsolete address. ... } So when we free, static void ipcomp_free_scratches(void) { ... scratches = ipcomp_scratches; Assigning obsolete address from ipcomp_scratches if (!scratches) return; for_each_possible_cpu(i) vfree(*per_cpu_ptr(scratches, i)); Trying to free non existent page, causing warning: trying to vfree existent vm area. ... } Fix this breakage by updating ipcomp_scrtches with NULL when scratches is freed


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/03155680191ef0f004b1d6a5714c5b8cd271ab61 kernel.org
https://git.kernel.org/stable/c/18373ed500f7cd53e24d9b0bd0f1c09d78dba87e kernel.org
https://git.kernel.org/stable/c/1e8abde895b3ac6a368cbdb372e8800c49e73a28 kernel.org
https://git.kernel.org/stable/c/2c19945ce8095d065df550e7fe350cd5cc40c6e6 kernel.org
https://git.kernel.org/stable/c/8a04d2fc700f717104bfb95b0f6694e448a4537f kernel.org
https://git.kernel.org/stable/c/a39f456d62810c0efb43cead22f98d95b53e4b1a kernel.org
https://git.kernel.org/stable/c/be81c44242b20fc3bdcc73480ef8aaee56f5d0b6 kernel.org
https://git.kernel.org/stable/c/debca61df6bc2f65e020656c9c5b878d6b38d30f kernel.org
https://git.kernel.org/stable/c/f3bdba4440d82e0da2b1bfc35d3836c8a8e00677 kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

1 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2022-50569
NVD Published Date:
10/22/2025
NVD Last Modified:
10/22/2025
Source:
kernel.org