LiveActive security incident?Get immediate response
CVE Record

CVE-2022-50114: net: 9p: fix refcount leak in p9_read_work() error handling

In the Linux kernel, the following vulnerability has been resolved: net: 9p: fix refcount leak in p9_read_work() error handling p9_req_put need to be called when m->rreq->rc.sdata is NULL to avoid temporary refcount leak. [Dominique: commit wording adjustments, p9_req_put argument fixes for rebase]

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysisunknown

Security readout for executives and security teams

Plain-English summary

CVE-2022-50114 is a Linux kernel 9p networking bug where an error path failed to release a request reference. The public record describes a temporary refcount leak, but does not provide CVSS, CWE, exploit evidence, or business impact details.

Executive priority

Treat as a routine kernel maintenance item unless your environment depends on Linux 9p functionality. Urgency is constrained by missing severity data and no cited exploitation evidence.

Technical view

In net/9p p9_read_work() error handling, p9_req_put() must be called when m->rreq->rc.sdata is NULL. Without that release, the kernel can temporarily leak a request reference. Linux stable commits are listed as the remediation sources.

Likely exposure

Exposure appears limited to Linux systems running affected kernel versions with the 9p networking code present and relevant to workloads. The source bundle does not specify required configuration, attack prerequisites, or affected distributions.

Exploitation context

No active exploitation is supported by the provided sources. The CVE is not marked KEV, and the bundle contains no public exploit status, attack path, or proof-of-concept reference.

Researcher notes

The record is sparse: no CVSS, CWE, exploit status, or deployment prerequisites are provided. Analysis should focus on the p9_read_work() NULL sdata error path and whether downstream kernels backported the p9_req_put() fix.

Mitigation direction

  • Review vendor Linux kernel advisories for your distribution.
  • Update to a kernel containing the listed stable fixes.
  • Prioritize systems using or exposing Linux 9p functionality.
  • Track this as unknown severity until vendor scoring is available.

Validation and detection

  • Inventory Linux kernel versions across production systems.
  • Check whether 9p-related kernel functionality is enabled or used.
  • Compare installed kernel fixes against the referenced stable commits.
  • Confirm distribution packages include the upstream correction.
Prepared
Confidence
medium
Sources
7

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2022-50114 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
0ADP providers
6Source links

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux728356dedeff8ef999cb436c71333ef4ac51a81c, 728356dedeff8ef999cb436c71333ef4ac51a81c, 728356dedeff8ef999cb436c71333ef4ac51a81c, 728356dedeff8ef999cb436c71333ef4ac51a81c, 728356dedeff8ef999cb436c71333ef4ac51a81c, 3665a4d9dca1bd06bc34afb72e637fe01b2776ee, 4.19.57unaffected
LinuxLinux4.20, 0, 5.10.260, 5.15.61, 5.18.18, 5.19.2, 6.0affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.