Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

CVE-2022-50252 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2022-50252

CVE-2022-50252

HIGH7.8

igb: Do not free q_vector unless new one was allocated

Published Sep 15, 2025

Modified 4 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

igb: Do not free q_vector unless new one was allocated

Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v_idx] array position.

References

WEB

https://git.kernel.org/stable/c/0200f0fbb11e359cc35af72ab10b2ec224e6f633

WEB

https://git.kernel.org/stable/c/0668716506ca66f90d395f36ccdaebc3e0e84801

WEB

https://git.kernel.org/stable/c/314f7092b27749bdde44c14095b5533afa2a3bc8

WEB

https://git.kernel.org/stable/c/3cb18dea11196fb4a06f78294cec5e61985e1aff

WEB

https://git.kernel.org/stable/c/56483aecf6b22eb7dff6315b3a174688c6ad494c

WEB

https://git.kernel.org/stable/c/64ca1969599857143e91aeec4440640656100803

WEB

https://git.kernel.org/stable/c/68e8adbcaf7a8743e473343b38b9dad66e2ac6f3

WEB

https://git.kernel.org/stable/c/6e399577bd397a517df4b938601108c63769ce0a

WEB

https://git.kernel.org/stable/c/f96bd8adc8adde25390965a8c1ee81b73cb62075

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2022-50252

CVSS Analysis

CVSS v3.1

7.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedSep 15, 2025

ModifiedDec 23, 2025