CVE-2022-50348

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory leak vulnerability in the Linux kernel's NFS server (nfsd) component. When a specific error handling path is triggered during memory allocation, previously allocated memory isn't properly freed, leading to resource exhaustion. Systems running vulnerable Linux kernel versions with NFS server enabled are affected.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific vulnerable versions not explicitly stated in CVE; check git commits for exact ranges
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if NFS server (nfsd) is enabled and running; many systems don't run NFS server by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel panic/crash.

🟠 Likely Case: Memory leak gradually consumes kernel resources, potentially leading to performance degradation or service disruption over time.

🟢 If Mitigated: With proper monitoring and resource limits, impact is limited to potential performance issues rather than complete system failure.

🌐 Internet-Facing: LOW - NFS servers typically shouldn't be internet-facing; if they are, risk increases but exploit requires specific conditions.
🏢 Internal Only: MEDIUM - Internal NFS servers could be targeted by authenticated users to cause resource exhaustion.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering specific error conditions in memory allocation; attacker needs access to NFS server functionality.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check provided git commit hashes for specific kernel versions

Vendor Advisory: https://git.kernel.org/stable/c/733dd17158f96aaa25408dc39bbb2738fda9300e

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor.
2. Reboot system to load new kernel.
3. Verify nfsd service is running correctly post-update.

🔧 Temporary Workarounds

Disable NFS server

all

If NFS server functionality is not required, disable it to eliminate attack surface

systemctl stop nfs-server
systemctl disable nfs-server

🧯 If You Can't Patch

  • Implement strict access controls to limit who can access NFS server
  • Monitor kernel memory usage and set up alerts for unusual consumption patterns

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with patched versions in git commits; verify if nfsd is running with 'systemctl status nfs-server' or 'ps aux | grep nfsd'

Check Version:

uname -r

Verify Fix Applied:

After patching, verify kernel version is updated and monitor for memory leaks in /proc/meminfo or using memory monitoring tools
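The memory monitoring suggested under "If You Can't Patch" and in the verification step above can be done as a trend check on /proc/meminfo. This is an added example, not part of the advisory or the kernel project; it assumes the leaked allocations are accounted under SUnreclaim (unreclaimable slab), and the script name, sample values and default thresholds are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag steady growth of unreclaimable slab memory (SUnreclaim)
# on a host that runs nfsd. Thresholds below are assumptions; tune per host.

# Constructed /proc/meminfo excerpt (not captured from a real host).
SAMPLE_MEMINFO='MemTotal:       16303428 kB
Slab:            1204312 kB
SReclaimable:     512000 kB
SUnreclaim:       692312 kB'

# Print the SUnreclaim value (kB) from meminfo-formatted text on stdin.
# Exits non-zero if the field is missing.
sunreclaim_kb() {
    awk '$1 == "SUnreclaim:" { print $2; found = 1 } END { exit !found }'
}

# leak_trend MIN_GROWTH_KB SAMPLE...
# Returns 0 when the samples never decrease and grow by at least
# MIN_GROWTH_KB from first to last; 1 otherwise; 2 with fewer than 3 samples.
leak_trend() {
    min_growth=$1; shift
    [ "$#" -ge 3 ] || return 2
    first=$1; prev=$1; shift
    for cur in "$@"; do
        [ "$cur" -ge "$prev" ] || return 1   # a dip means memory was freed
        prev=$cur
    done
    [ $((prev - first)) -ge "$min_growth" ]
}

# True when kernel nfsd threads exist (the precondition for this issue).
nfsd_running() {
    ps -e -o comm= | grep -qx 'nfsd'
}

# Live mode: ./nfsd_slab_watch.sh --live [interval_s] [samples] [min_growth_kb]
if [ "${1:-}" = "--live" ]; then
    interval=${2:-60}; count=${3:-10}; min=${4:-51200}
    nfsd_running || { echo "nfsd not running; nothing to watch"; exit 0; }
    samples=""; i=0
    while [ "$i" -lt "$count" ]; do
        samples="$samples $(sunreclaim_kb < /proc/meminfo)"
        i=$((i + 1))
        [ "$i" -ge "$count" ] || sleep "$interval"
    done
    # $samples is intentionally unquoted so each reading is one argument.
    if leak_trend "$min" $samples; then
        echo "ALERT: SUnreclaim grew without ever shrinking:$samples (kB)"
    fi
fi
```

A monotonic rise is only a hint: legitimate workload growth produces the same shape, so compare against a baseline taken with nfsd idle before treating an alert as this leak.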

📡 Detection & Monitoring

Log Indicators:

  • Kernel OOM (Out of Memory) messages in /var/log/kern.log or dmesg
  • NFS server error logs indicating memory allocation failures

Network Indicators:

  • Unusual NFS request patterns from single sources

SIEM Query:

(source="kernel" AND ("out of memory" OR "OOM")) OR (source="nfsd" AND "memory")
