CVE-2022-48642

Summary

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()

It seems to me that percpu memory for chain stats started leaking since commit 3bc158f8d0330f0a ("netfilter: nf_tables: map basechain priority to hardware priority") when nft_chain_offload_priority() returned an error.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3bc158f8d0330f0ac58597c023acca2234c14616 < b043a525a3f5520abb676a7cd8f6328fdf959e88affected
LinuxLinux3bc158f8d0330f0ac58597c023acca2234c14616 < 08d7524f366a886b99b1630a24a27dd6e0d7f852affected
LinuxLinux3bc158f8d0330f0ac58597c023acca2234c14616 < 985b031667c3177b9e7fb9787b989628e4271714affected
LinuxLinux3bc158f8d0330f0ac58597c023acca2234c14616 < 9a4d6dd554b86e65581ef6b6638a39ae079b17acaffected
LinuxLinux5.3affected
LinuxLinux0 < 5.3unaffected
LinuxLinux5.10.146 <= 5.10.*unaffected
LinuxLinux5.15.71 <= 5.15.*unaffected
LinuxLinux5.19.12 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References