CVE-2022-50189

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix file pointer leak Currently if a fscanf fails then an early return leaks an open file pointer. Fix this by fclosing the file before the return. Detected using static analysis with cppcheck: tools/power/x86/turbostat/turbostat.c:2039:3: error: Resource leak: fp [resourceLeak]

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2ebf6f5946817f33fb33e613e359229e98164eb3	Patch
https://git.kernel.org/stable/c/5e5fd36c58d6c820f7292ee492c3731c9a104a41	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-06-18 11:15

Updated : 2026-01-23 16:41

NVD link : CVE-2022-50189

Mitre link : CVE-2022-50189

CVE.ORG link : CVE-2022-50189

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-772

Missing Release of Resource after Effective Lifetime

{"id": "CVE-2022-50189", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2025-06-18T11:15:49.490", "references": [{"url": "https://git.kernel.org/stable/c/2ebf6f5946817f33fb33e613e359229e98164eb3", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5e5fd36c58d6c820f7292ee492c3731c9a104a41", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-772"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntools/power turbostat: Fix file pointer leak\n\nCurrently if a fscanf fails then an early return leaks an open\nfile pointer. Fix this by fclosing the file before the return.\nDetected using static analysis with cppcheck:\n\ntools/power/x86/turbostat/turbostat.c:2039:3: error: Resource leak: fp [resourceLeak]"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tools/power turbostat: Correcci\u00f3n de fuga de puntero de archivo. Actualmente, si un fscanf falla, un retorno anticipado filtra un puntero de archivo abierto. Se soluciona cerrando el archivo antes del retorno. Detectado mediante an\u00e1lisis est\u00e1tico con cppcheck: tools/power/x86/turbostat/turbostat.c:2039:3: error: Fuga de recursos: fp [resourceLeak]"}], "lastModified": "2026-01-23T16:41:23.873", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1A2A5A5-4598-4D7E-BA07-4660398D6C8F", "versionEndExcluding": "5.19.2", "versionStartIncluding": "5.19"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}