CVE-2022-49028

Summary

In the Linux kernel, the following vulnerability has been resolved:

ixgbevf: Fix resource leak in ixgbevf_init_module()

ixgbevf_init_module() won't destroy the workqueue created by create_singlethread_workqueue() when pci_register_driver() failed. Add destroy_workqueue() in fail path to prevent the resource leak.

Similar to the handling of u132_hcd_init in commit f276e002793c ("usb: u132-hcd: fix resource leak")

Affected Software

VendorProductVersion RangeStatus
LinuxLinux40a13e2493c9882cb4d09054d81a5063cd1589a2 < f166c62cad798c53300b4b327e44300c73ec492daffected
LinuxLinux40a13e2493c9882cb4d09054d81a5063cd1589a2 < 7109e941099244cc876a4b3cb7a3ec79f104374aaffected
LinuxLinux40a13e2493c9882cb4d09054d81a5063cd1589a2 < c99671d4699dcf90d6939923c8fe8a8918e140b2affected
LinuxLinux40a13e2493c9882cb4d09054d81a5063cd1589a2 < 8cfa238a48f34038464b99d0b4825238c2687181affected
LinuxLinux4.5affected
LinuxLinux0 < 4.5unaffected
LinuxLinux5.10.158 <= 5.10.*unaffected
LinuxLinux5.15.82 <= 5.15.*unaffected
LinuxLinux6.0.12 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References