CVE-2022-49107

Summary

In the Linux kernel, the following vulnerability has been resolved:

ceph: fix memory leak in ceph_readdir when note_last_dentry returns error

Reset the last_readdir at the same time, and add a comment explaining why we don't free last_readdir when dir_emit returns false.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9030aaf9bf0a1eee47a154c316c789e959638b0f < f4429786129648a8f4bb1e5faa143c4478cc5c4aaffected
LinuxLinux9030aaf9bf0a1eee47a154c316c789e959638b0f < 2fe82d3254029ef9ec4e7be890125d5ef4f537deaffected
LinuxLinux9030aaf9bf0a1eee47a154c316c789e959638b0f < e792575b902a3939ca482491ee9fb3a236f99640affected
LinuxLinux9030aaf9bf0a1eee47a154c316c789e959638b0f < 7f740ede35132d3d5d19747cad56a511d21bb156affected
LinuxLinux9030aaf9bf0a1eee47a154c316c789e959638b0f < f639d9867eea647005dc824e0e24f39ffc50d4e4affected
LinuxLinux2.6.34affected
LinuxLinux0 < 2.6.34unaffected
LinuxLinux5.10.111 <= 5.10.*unaffected
LinuxLinux5.15.34 <= 5.15.*unaffected
LinuxLinux5.16.20 <= 5.16.*unaffected
LinuxLinux5.17.3 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References