ghsa-whrx-8qvw-6p89
Vulnerability from github
Published
2025-05-01 15:31
Modified
2025-05-01 15:31
Details

In the Linux kernel, the following vulnerability has been resolved:

netdevsim: Fix memory leak of nsim_dev->fa_cookie

kmemleak reports this issue:

unreferenced object 0xffff8881bac872d0 (size 8): comm "sh", pid 58603, jiffies 4481524462 (age 68.065s) hex dump (first 8 bytes): 04 00 00 00 de ad be ef ........ backtrace: [<00000000c80b8577>] __kmalloc+0x49/0x150 [<000000005292b8c6>] nsim_dev_trap_fa_cookie_write+0xc1/0x210 [netdevsim] [<0000000093d78e77>] full_proxy_write+0xf3/0x180 [<000000005a662c16>] vfs_write+0x1c5/0xaf0 [<000000007aabf84a>] ksys_write+0xed/0x1c0 [<000000005f1d2e47>] do_syscall_64+0x3b/0x90 [<000000006001c6ec>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

The issue occurs in the following scenarios:

nsim_dev_trap_fa_cookie_write() kmalloc() fa_cookie nsim_dev->fa_cookie = fa_cookie .. nsim_drv_remove()

The fa_cookie allocked in nsim_dev_trap_fa_cookie_write() is not freed. To fix, add kfree(nsim_dev->fa_cookie) to nsim_drv_remove().

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2022-49803"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-01T15:16:03Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdevsim: Fix memory leak of nsim_dev-\u003efa_cookie\n\nkmemleak reports this issue:\n\nunreferenced object 0xffff8881bac872d0 (size 8):\n  comm \"sh\", pid 58603, jiffies 4481524462 (age 68.065s)\n  hex dump (first 8 bytes):\n    04 00 00 00 de ad be ef                          ........\n  backtrace:\n    [\u003c00000000c80b8577\u003e] __kmalloc+0x49/0x150\n    [\u003c000000005292b8c6\u003e] nsim_dev_trap_fa_cookie_write+0xc1/0x210 [netdevsim]\n    [\u003c0000000093d78e77\u003e] full_proxy_write+0xf3/0x180\n    [\u003c000000005a662c16\u003e] vfs_write+0x1c5/0xaf0\n    [\u003c000000007aabf84a\u003e] ksys_write+0xed/0x1c0\n    [\u003c000000005f1d2e47\u003e] do_syscall_64+0x3b/0x90\n    [\u003c000000006001c6ec\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe issue occurs in the following scenarios:\n\nnsim_dev_trap_fa_cookie_write()\n  kmalloc() fa_cookie\n  nsim_dev-\u003efa_cookie = fa_cookie\n..\nnsim_drv_remove()\n\nThe fa_cookie allocked in nsim_dev_trap_fa_cookie_write() is not freed. To\nfix, add kfree(nsim_dev-\u003efa_cookie) to nsim_drv_remove().",
  "id": "GHSA-whrx-8qvw-6p89",
  "modified": "2025-05-01T15:31:47Z",
  "published": "2025-05-01T15:31:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49803"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/064bc7312bd09a48798418663090be0c776183db"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/207edad5717e0a5709ce8467f0eff41c607835c9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.