5.5
CVE-2022-48642
- EPSS 0.23%
- Veröffentlicht 28.04.2024 13:15:07
- Zuletzt bearbeitet 07.01.2025 16:58:08
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
It seems to me that percpu memory for chain stats started leaking since
commit 3bc158f8d0330f0a ("netfilter: nf_tables: map basechain priority to
hardware priority") when nft_chain_offload_priority() returned an error.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.3 < 5.10.146
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.71
Linux ≫ Linux Kernel Version >= 5.16 < 5.19.12
Linux ≫ Linux Kernel Version6.0 Updaterc1
Linux ≫ Linux Kernel Version6.0 Updaterc2
Linux ≫ Linux Kernel Version6.0 Updaterc3
Linux ≫ Linux Kernel Version6.0 Updaterc4
Linux ≫ Linux Kernel Version6.0 Updaterc5
Linux ≫ Linux Kernel Version6.0 Updaterc6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.138 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852
https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714
https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac
https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88