CVE-2022-50048

Summary

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: possible module reference underflow in error path

dst->ops is set on when nft_expr_clone() fails, but module refcount has not been bumped yet, therefore nft_expr_destroy() leads to module reference underflow.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8cfd9b0f8515e7c361bba27e2a2684cbd427fe01 < b59bee8b05b0e789b5a298cacb09e8aaa3367a29affected
LinuxLinux8cfd9b0f8515e7c361bba27e2a2684cbd427fe01 < 1e52e6cfec6342c3d0df47dc3a76724fb3dabf56affected
LinuxLinux8cfd9b0f8515e7c361bba27e2a2684cbd427fe01 < c485c35ff6783ccd12c160fcac6a0e504e83e0bfaffected
LinuxLinux5.11affected
LinuxLinux0 < 5.11unaffected
LinuxLinux5.15.63 <= 5.15.*unaffected
LinuxLinux5.19.4 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References