CVE-2022-50065

Summary

In the Linux kernel, the following vulnerability has been resolved:

virtio_net: fix memory leak inside XPD_TX with mergeable

When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is newly allocated, it should be freed here alone. Just like any other "goto err_xdp".

Affected Software

VendorProductVersion RangeStatus
LinuxLinux44fa2dbd475996ddc8f3a0e6113dee983e0ee3aa < faafa2a87f697ee537c29446097e1cc3143506faaffected
LinuxLinux44fa2dbd475996ddc8f3a0e6113dee983e0ee3aa < d3723eab11196475ef83279571b2b0bd0924cf82affected
LinuxLinux44fa2dbd475996ddc8f3a0e6113dee983e0ee3aa < 18e383afbd7047af7b055df6e25436e0ce28f8a5affected
LinuxLinux44fa2dbd475996ddc8f3a0e6113dee983e0ee3aa < 7a542bee27c6a57e45c33cbbdc963325fd6493afaffected
LinuxLinux4.18affected
LinuxLinux0 < 4.18unaffected
LinuxLinux5.10.138 <= 5.10.*unaffected
LinuxLinux5.15.63 <= 5.15.*unaffected
LinuxLinux5.19.4 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References