CVE-2022-49620

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: tipc: fix possible refcount leak in tipc_sk_create()

Free sk in case tipc_sk_insert() fails.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5b8fa7ce823a59a328e0a7661df2478bfb745de4 < 638fa20b618b2bbcf86da71231624cc82121a036affected
LinuxLinux5b8fa7ce823a59a328e0a7661df2478bfb745de4 < 7bc9e7f70bc57d8f02ffea2a42094281effb15efaffected
LinuxLinux5b8fa7ce823a59a328e0a7661df2478bfb745de4 < ef488669b2652bde5b6ee5a409a5b048a2a50db4affected
LinuxLinux5b8fa7ce823a59a328e0a7661df2478bfb745de4 < 4919d82f7041157a421ca9bf39a78551d5ad8a1baffected
LinuxLinux5b8fa7ce823a59a328e0a7661df2478bfb745de4 < efa78f2ae363428525fb4981bb63c555ee79f3c7affected
LinuxLinux5b8fa7ce823a59a328e0a7661df2478bfb745de4 < 833ecd0eae76eadf81d6d747bb5bc992d1151867affected
LinuxLinux5b8fa7ce823a59a328e0a7661df2478bfb745de4 < 3b2957fc09fe1ac7f07f40dd50dd5f93e3f3a7a2affected
LinuxLinux5b8fa7ce823a59a328e0a7661df2478bfb745de4 < 00aff3590fc0a73bddd3b743863c14e76fd35c0caffected
LinuxLinux3.18affected
LinuxLinux0 < 3.18unaffected
LinuxLinux4.9.324 <= 4.9.*unaffected
LinuxLinux4.14.289 <= 4.14.*unaffected
LinuxLinux4.19.253 <= 4.19.*unaffected
LinuxLinux5.4.207 <= 5.4.*unaffected
LinuxLinux5.10.132 <= 5.10.*unaffected
LinuxLinux5.15.56 <= 5.15.*unaffected
LinuxLinux5.18.13 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References