2373631 – (CVE-2022-50170) CVE-2022-50170 kernel: kunit: executor: Fix a memory leak on failure in kunit_filter_tests

Bug 2373631 (CVE-2022-50170) - CVE-2022-50170 kernel: kunit: executor: Fix a memory leak on failure in kunit_filter_tests

Summary: CVE-2022-50170 kernel: kunit: executor: Fix a memory leak on failure in kunit...

Keywords:
Status:	NEW
Alias:	CVE-2022-50170
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-06-18 12:11 UTC by OSIDB Bzimport
Modified:	2025-06-19 02:44 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-06-18 12:11:30 UTC

In the Linux kernel, the following vulnerability has been resolved:

kunit: executor: Fix a memory leak on failure in kunit_filter_tests

It's possible that memory allocation for 'filtered' will fail, but for the
copy of the suite to succeed. In this case, the copy could be leaked.

Properly free 'copy' in the error case for the allocation of 'filtered'
failing.

Note that there may also have been a similar issue in
kunit_filter_subsuites, before it was removed in "kunit: flatten
kunit_suite*** to kunit_suite** in .kunit_test_suites".

This was reported by clang-analyzer via the kernel test robot, here:
https://lore.kernel.org/all/c8073b8e-7b9e-0830-4177-87c12f16349c@intel.com/

And by smatch via Dan Carpenter and the kernel test robot:
https://lore.kernel.org/all/202207101328.ASjx88yj-lkp@intel.com/

Comment 1 Avinash Hanwate 2025-06-19 00:53:44 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025061829-CVE-2022-50170-6904@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.