CVE-2022-50007: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-50007 is a vulnerability discovered in the Linux kernel affecting the XFRM subsystem. The issue was disclosed on June 18, 2025, and affects the __xfrm_policy_check() function. The vulnerability stems from a reference count leak that occurs when handling error conditions in the XFRM policy checking functionality (NVD, Wiz).

The vulnerability occurs in the __xfrm_policy_check() function's error path. Specifically, when the fetching process of the object pols[1] fails, the function returns 0 without properly decrementing the reference count of pols[0], which was previously incremented by either xfrm_sk_policy_lookup() or xfrm_policy_lookup(). This oversight in reference counting management leads to memory leaks in the system (NVD, Debian Tracker).

The primary impact of this vulnerability is memory leaks in the system. While memory leaks are generally considered less severe than other types of vulnerabilities, they can accumulate over time and potentially lead to system resource exhaustion (Wiz).

The issue has been fixed in various Linux kernel versions. Debian has released fixes for multiple distributions including bullseye (5.10.223-1), bookworm (6.1.137-1), and trixie (6.12.32-1). The fix involves properly decreasing the reference count of pols[0] in the error path (Debian Tracker).