{"id":"CVE-2022-50271","summary":"vhost/vsock: Use kvmalloc/kvfree for larger packets.","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nvhost/vsock: Use kvmalloc/kvfree for larger packets.\n\nWhen copying a large file over sftp over vsock, data size is usually 32kB,\nand kmalloc seems to fail to try to allocate 32 32kB regions.\n\n vhost-5837: page allocation failure: order:4, mode:0x24040c0\n Call Trace:\n  [\u003cffffffffb6a0df64\u003e] dump_stack+0x97/0xdb\n  [\u003cffffffffb68d6aed\u003e] warn_alloc_failed+0x10f/0x138\n  [\u003cffffffffb68d868a\u003e] ? __alloc_pages_direct_compact+0x38/0xc8\n  [\u003cffffffffb664619f\u003e] __alloc_pages_nodemask+0x84c/0x90d\n  [\u003cffffffffb6646e56\u003e] alloc_kmem_pages+0x17/0x19\n  [\u003cffffffffb6653a26\u003e] kmalloc_order_trace+0x2b/0xdb\n  [\u003cffffffffb66682f3\u003e] __kmalloc+0x177/0x1f7\n  [\u003cffffffffb66e0d94\u003e] ? copy_from_iter+0x8d/0x31d\n  [\u003cffffffffc0689ab7\u003e] vhost_vsock_handle_tx_kick+0x1fa/0x301 [vhost_vsock]\n  [\u003cffffffffc06828d9\u003e] vhost_worker+0xf7/0x157 [vhost]\n  [\u003cffffffffb683ddce\u003e] kthread+0xfd/0x105\n  [\u003cffffffffc06827e2\u003e] ? vhost_dev_set_owner+0x22e/0x22e [vhost]\n  [\u003cffffffffb683dcd1\u003e] ? flush_kthread_worker+0xf3/0xf3\n  [\u003cffffffffb6eb332e\u003e] ret_from_fork+0x4e/0x80\n  [\u003cffffffffb683dcd1\u003e] ? flush_kthread_worker+0xf3/0xf3\n\nWork around by doing kvmalloc instead.","modified":"2026-04-02T08:28:22.590640Z","published":"2025-09-15T14:21:07.563Z","related":["SUSE-SU-2025:03613-1","SUSE-SU-2025:03614-1","SUSE-SU-2025:03615-1","SUSE-SU-2025:03626-1","SUSE-SU-2025:03628-1","SUSE-SU-2025:3716-1","SUSE-SU-2025:3761-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50271.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0d720c3f0a03e97867deab7e480ba3d3e19837ba"},{"type":"WEB","url":"https://git.kernel.org/stable/c/0e3f72931fc47bb81686020cc643cde5d9cd0bb8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/36c9f340c60413e28f980c0224c4e9d35851526b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7aac8c63f604e6a6a46560c0f0188cd0332cf320"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a99fc6d818161d6f1ff3307de8bf5237f6cc34d8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b4a5905fd2ef841cd61e969ea692c213c2e5c1f7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e28a4e7f0296824c61a81e7fd54ab48bad3e75ad"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e6d0152c95108651f1880c1ddfab47cb9e3e62d0"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50271.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50271"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"433fc58e6bf2c8bd97e57153ed28e64fd78207b8"},{"fixed":"0d720c3f0a03e97867deab7e480ba3d3e19837ba"},{"fixed":"7aac8c63f604e6a6a46560c0f0188cd0332cf320"},{"fixed":"e6d0152c95108651f1880c1ddfab47cb9e3e62d0"},{"fixed":"b4a5905fd2ef841cd61e969ea692c213c2e5c1f7"},{"fixed":"e28a4e7f0296824c61a81e7fd54ab48bad3e75ad"},{"fixed":"a99fc6d818161d6f1ff3307de8bf5237f6cc34d8"},{"fixed":"36c9f340c60413e28f980c0224c4e9d35851526b"},{"fixed":"0e3f72931fc47bb81686020cc643cde5d9cd0bb8"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50271.json"}}],"schema_version":"1.7.5"}