5.5

CVE-2022-48642

netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()

It seems to me that percpu memory for chain stats started leaking since
commit 3bc158f8d0330f0a ("netfilter: nf_tables: map basechain priority to
hardware priority") when nft_chain_offload_priority() returned an error.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.3 < 5.10.146
LinuxLinux Kernel Version >= 5.11 < 5.15.71
LinuxLinux Kernel Version >= 5.16 < 5.19.12
LinuxLinux Kernel Version6.0 Updaterc1
LinuxLinux Kernel Version6.0 Updaterc2
LinuxLinux Kernel Version6.0 Updaterc3
LinuxLinux Kernel Version6.0 Updaterc4
LinuxLinux Kernel Version6.0 Updaterc5
LinuxLinux Kernel Version6.0 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.138
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852
Patch
https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714
Patch
https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac
Patch
https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88
Patch