CVE-2022-49866
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: wwan: mhi: fix memory leak in mhi_mbim_dellink
MHI driver registers network device without setting the needs_free_netdev flag, and does NOT call free_netdev() when unregisters network device, which causes a memory leak.
This patch sets needs_free_netdev to true when registers network device, which makes netdev subsystem call free_netdev() automatically after unregister_netdevice().
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | aa730a9905b7b079ef2fffdab7f15dbb842f5c7c < 2845bc9070cef0c651987487d84d4813d64675dd | affected |
| Linux | Linux | aa730a9905b7b079ef2fffdab7f15dbb842f5c7c < 3cd3ffe952f78ec5dadf300cb58d4b38a0c0106d | affected |
| Linux | Linux | aa730a9905b7b079ef2fffdab7f15dbb842f5c7c < 668205b9c9f94d5ed6ab00cce9a46a654c2b5d16 | affected |
| Linux | Linux | 5.15 | affected |
| Linux | Linux | 0 < 5.15 | unaffected |
| Linux | Linux | 5.15.79 <= 5.15.* | unaffected |
| Linux | Linux | 6.0.9 <= 6.0.* | unaffected |
| Linux | Linux | 6.1 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/2845bc9070cef0c651987487d84d4813d64675dd
- https://git.kernel.org/stable/c/3cd3ffe952f78ec5dadf300cb58d4b38a0c0106d
- https://git.kernel.org/stable/c/668205b9c9f94d5ed6ab00cce9a46a654c2b5d16
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.