CVE-2022-50352

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: hns: fix possible memory leak in hnae_ae_register()

Inject fault while probing module, if device_register() fails, but the refcount of kobject is not decreased to 0, the name allocated in dev_set_name() is leaked. Fix this by calling put_device(), so that name can be freed in callback function kobject_cleanup().

unreferenced object 0xffff00c01aba2100 (size 128): comm "systemd-udevd", pid 1259, jiffies 4294903284 (age 294.152s) hex dump (first 32 bytes): 68 6e 61 65 30 00 00 00 18 21 ba 1a c0 00 ff ff hnae0….!…… 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ……………. backtrace: [<0000000034783f26>] slab_post_alloc_hook+0xa0/0x3e0 [<00000000748188f2>] __kmem_cache_alloc_node+0x164/0x2b0 [<00000000ab0743e8>] __kmalloc_node_track_caller+0x6c/0x390 [<000000006c0ffb13>] kvasprintf+0x8c/0x118 [<00000000fa27bfe1>] kvasprintf_const+0x60/0xc8 [<0000000083e10ed7>] kobject_set_name_vargs+0x3c/0xc0 [<000000000b87affc>] dev_set_name+0x7c/0xa0 [<000000003fd8fe26>] hnae_ae_register+0xcc/0x190 [hnae] [<00000000fe97edc9>] hns_dsaf_ae_init+0x9c/0x108 [hns_dsaf] [<00000000c36ff1eb>] hns_dsaf_probe+0x548/0x748 [hns_dsaf]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6fe6611ff275522a4e4c0359e2f46cdd07780d2f < a3c148955c22fe1d94d7a2096005679c1f22eddfaffected
LinuxLinux6fe6611ff275522a4e4c0359e2f46cdd07780d2f < 3b78453cca046d3b03853f0d077ad3ad130db886affected
LinuxLinux6fe6611ff275522a4e4c0359e2f46cdd07780d2f < 7ae1345f6ad715acbcdc9e1ac28153684fd498bbaffected
LinuxLinux6fe6611ff275522a4e4c0359e2f46cdd07780d2f < dfc0337c6dceb6449403b33ecb141f4a1458a1e9affected
LinuxLinux6fe6611ff275522a4e4c0359e2f46cdd07780d2f < 2974f3b330ef25f5d34a4948d04290c2cd7802cfaffected
LinuxLinux6fe6611ff275522a4e4c0359e2f46cdd07780d2f < 91f8f5342bee726ed5692583d58f69e7cc9ae60eaffected
LinuxLinux6fe6611ff275522a4e4c0359e2f46cdd07780d2f < 02dc0db19d944b4a90941db505ecf1aaec714be4affected
LinuxLinux6fe6611ff275522a4e4c0359e2f46cdd07780d2f < ff2f5ec5d009844ec28f171123f9e58750cef4bfaffected
LinuxLinux4.4affected
LinuxLinux0 < 4.4unaffected
LinuxLinux4.9.332 <= 4.9.*unaffected
LinuxLinux4.14.298 <= 4.14.*unaffected
LinuxLinux4.19.264 <= 4.19.*unaffected
LinuxLinux5.4.221 <= 5.4.*unaffected
LinuxLinux5.10.152 <= 5.10.*unaffected
LinuxLinux5.15.76 <= 5.15.*unaffected
LinuxLinux6.0.6 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References