CVE-2022-50372

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> cifs: Fix memory leak when build ntlmssp negotiate blob failed<br /> <br /> There is a memory leak when mount cifs:<br /> unreferenced object 0xffff888166059600 (size 448):<br /> comm "mount.cifs", pid 51391, jiffies 4295596373 (age 330.596s)<br /> hex dump (first 32 bytes):<br /> fe 53 4d 42 40 00 00 00 00 00 00 00 01 00 82 00 .SMB@...........<br /> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br /> backtrace:<br /> [] mempool_alloc+0xe1/0x260<br /> [] cifs_small_buf_get+0x24/0x60<br /> [] __smb2_plain_req_init+0x32/0x460<br /> [] SMB2_sess_alloc_buffer+0xa4/0x3f0<br /> [] SMB2_sess_auth_rawntlmssp_negotiate+0xf5/0x480<br /> [] SMB2_sess_setup+0x253/0x410<br /> [] cifs_setup_session+0x18f/0x4c0<br /> [] cifs_get_smb_ses+0xae7/0x13c0<br /> [] mount_get_conns+0x7a/0x730<br /> [] cifs_mount+0x103/0xd10<br /> [] cifs_smb3_do_mount+0x1dd/0xc90<br /> [] smb3_get_tree+0x1d5/0x300<br /> [] vfs_get_tree+0x41/0xf0<br /> [] path_mount+0x9b3/0xdd0<br /> [] __x64_sys_mount+0x190/0x1d0<br /> [] do_syscall_64+0x35/0x80<br /> <br /> When build ntlmssp negotiate blob failed, the session setup request<br /> should be freed.