CVE-2022-49704

Summary

In the Linux kernel, the following vulnerability has been resolved:

9p: fix fid refcount leak in v9fs_vfs_get_link

we check for protocol version later than required, after a fid has been obtained. Just move the version check earlier.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6636b6dcc3db2258cd0585b8078c1c225c4b6dde < f0126bcaee81dabc1926012126aa74caa03a4c6eaffected
LinuxLinux6636b6dcc3db2258cd0585b8078c1c225c4b6dde < e7b6d622bd812013eb39c8f4cd65b7ee8ede1e02affected
LinuxLinux6636b6dcc3db2258cd0585b8078c1c225c4b6dde < e5690f263208c5abce7451370b7786eb25b405ebaffected
LinuxLinux5.11affected
LinuxLinux0 < 5.11unaffected
LinuxLinux5.15.51 <= 5.15.*unaffected
LinuxLinux5.18.8 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References