CVE-2022-50252

Summary

In the Linux kernel, the following vulnerability has been resolved:

igb: Do not free q_vector unless new one was allocated

Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v_idx] array position.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux72ddef0506da852dc82f078f37ced8ef4d74a2bf < 64ca1969599857143e91aeec4440640656100803affected
LinuxLinux72ddef0506da852dc82f078f37ced8ef4d74a2bf < 0200f0fbb11e359cc35af72ab10b2ec224e6f633affected
LinuxLinux72ddef0506da852dc82f078f37ced8ef4d74a2bf < 68e8adbcaf7a8743e473343b38b9dad66e2ac6f3affected
LinuxLinux72ddef0506da852dc82f078f37ced8ef4d74a2bf < f96bd8adc8adde25390965a8c1ee81b73cb62075affected
LinuxLinux72ddef0506da852dc82f078f37ced8ef4d74a2bf < 3cb18dea11196fb4a06f78294cec5e61985e1affaffected
LinuxLinux72ddef0506da852dc82f078f37ced8ef4d74a2bf < 314f7092b27749bdde44c14095b5533afa2a3bc8affected
LinuxLinux72ddef0506da852dc82f078f37ced8ef4d74a2bf < 6e399577bd397a517df4b938601108c63769ce0aaffected
LinuxLinux72ddef0506da852dc82f078f37ced8ef4d74a2bf < 56483aecf6b22eb7dff6315b3a174688c6ad494caffected
LinuxLinux72ddef0506da852dc82f078f37ced8ef4d74a2bf < 0668716506ca66f90d395f36ccdaebc3e0e84801affected
LinuxLinux5be042b1917ddf444c20f4e12856535307b37c01affected
LinuxLinuxa0e26ed623a1e1460c1a191fbc0f37bddab7851aaffected
LinuxLinuxf4b7f93cd34a6153d454a837708fd4203990d1aeaffected
LinuxLinux3.18.23 < 3.19affected
LinuxLinux4.1.9 < 4.2affected
LinuxLinux4.2.2 < 4.3affected
LinuxLinux4.3affected
LinuxLinux0 < 4.3unaffected
LinuxLinux4.9.337 <= 4.9.*unaffected
LinuxLinux4.14.303 <= 4.14.*unaffected
LinuxLinux4.19.270 <= 4.19.*unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References