CVE-2022-49867

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: wwan: iosm: fix memory leak in ipc_wwan_dellink

IOSM driver registers network device without setting the needs_free_netdev flag, and does NOT call free_netdev() when unregisters network device, which causes a memory leak.

This patch sets needs_free_netdev to true when registers network device, which makes netdev subsystem call free_netdev() automatically after unregister_netdevice().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2a54f2c7793409736f2e5ea101e050b3f1997088 < 2ce2348c2858d723f7fe389dead9b43b08e0944eaffected
LinuxLinux2a54f2c7793409736f2e5ea101e050b3f1997088 < 128514b51a5ba2c82f9e4a106f1c10423907618aaffected
LinuxLinux2a54f2c7793409736f2e5ea101e050b3f1997088 < f25caaca424703d5a0607310f0452f978f1f78d9affected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.79 <= 5.15.*unaffected
LinuxLinux6.0.9 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References