cve-2022-49803
Vulnerability from cvelistv5
Published
2025-05-01 14:09
Modified
2025-05-01 14:09
Severity ?
EPSS score ?
Summary
netdevsim: Fix memory leak of nsim_dev->fa_cookie
References
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/netdevsim/dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "207edad5717e0a5709ce8467f0eff41c607835c9",
"status": "affected",
"version": "d3cbb907ae57fe5da314b51d949b617b538bdeae",
"versionType": "git"
},
{
"lessThan": "064bc7312bd09a48798418663090be0c776183db",
"status": "affected",
"version": "d3cbb907ae57fe5da314b51d949b617b538bdeae",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/netdevsim/dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.7"
},
{
"lessThan": "5.7",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"version": "6.0.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.1",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdevsim: Fix memory leak of nsim_dev-\u003efa_cookie\n\nkmemleak reports this issue:\n\nunreferenced object 0xffff8881bac872d0 (size 8):\n comm \"sh\", pid 58603, jiffies 4481524462 (age 68.065s)\n hex dump (first 8 bytes):\n 04 00 00 00 de ad be ef ........\n backtrace:\n [\u003c00000000c80b8577\u003e] __kmalloc+0x49/0x150\n [\u003c000000005292b8c6\u003e] nsim_dev_trap_fa_cookie_write+0xc1/0x210 [netdevsim]\n [\u003c0000000093d78e77\u003e] full_proxy_write+0xf3/0x180\n [\u003c000000005a662c16\u003e] vfs_write+0x1c5/0xaf0\n [\u003c000000007aabf84a\u003e] ksys_write+0xed/0x1c0\n [\u003c000000005f1d2e47\u003e] do_syscall_64+0x3b/0x90\n [\u003c000000006001c6ec\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe issue occurs in the following scenarios:\n\nnsim_dev_trap_fa_cookie_write()\n kmalloc() fa_cookie\n nsim_dev-\u003efa_cookie = fa_cookie\n..\nnsim_drv_remove()\n\nThe fa_cookie allocked in nsim_dev_trap_fa_cookie_write() is not freed. To\nfix, add kfree(nsim_dev-\u003efa_cookie) to nsim_drv_remove()."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-01T14:09:30.971Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/207edad5717e0a5709ce8467f0eff41c607835c9"
},
{
"url": "https://git.kernel.org/stable/c/064bc7312bd09a48798418663090be0c776183db"
}
],
"title": "netdevsim: Fix memory leak of nsim_dev-\u003efa_cookie",
"x_generator": {
"engine": "bippy-1.1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-49803",
"datePublished": "2025-05-01T14:09:30.971Z",
"dateReserved": "2025-05-01T14:05:17.225Z",
"dateUpdated": "2025-05-01T14:09:30.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-49803\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-05-01T15:16:03.617\",\"lastModified\":\"2025-05-01T15:16:03.617\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetdevsim: Fix memory leak of nsim_dev-\u003efa_cookie\\n\\nkmemleak reports this issue:\\n\\nunreferenced object 0xffff8881bac872d0 (size 8):\\n comm \\\"sh\\\", pid 58603, jiffies 4481524462 (age 68.065s)\\n hex dump (first 8 bytes):\\n 04 00 00 00 de ad be ef ........\\n backtrace:\\n [\u003c00000000c80b8577\u003e] __kmalloc+0x49/0x150\\n [\u003c000000005292b8c6\u003e] nsim_dev_trap_fa_cookie_write+0xc1/0x210 [netdevsim]\\n [\u003c0000000093d78e77\u003e] full_proxy_write+0xf3/0x180\\n [\u003c000000005a662c16\u003e] vfs_write+0x1c5/0xaf0\\n [\u003c000000007aabf84a\u003e] ksys_write+0xed/0x1c0\\n [\u003c000000005f1d2e47\u003e] do_syscall_64+0x3b/0x90\\n [\u003c000000006001c6ec\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd\\n\\nThe issue occurs in the following scenarios:\\n\\nnsim_dev_trap_fa_cookie_write()\\n kmalloc() fa_cookie\\n nsim_dev-\u003efa_cookie = fa_cookie\\n..\\nnsim_drv_remove()\\n\\nThe fa_cookie allocked in nsim_dev_trap_fa_cookie_write() is not freed. To\\nfix, add kfree(nsim_dev-\u003efa_cookie) to nsim_drv_remove().\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/064bc7312bd09a48798418663090be0c776183db\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/207edad5717e0a5709ce8467f0eff41c607835c9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.