5.5

CVE-2022-49020

net/9p: Fix a potential socket leak in p9_socket_open

In the Linux kernel, the following vulnerability has been resolved:

net/9p: Fix a potential socket leak in p9_socket_open

Both p9_fd_create_tcp() and p9_fd_create_unix() will call
p9_socket_open(). If the creation of p9_trans_fd fails,
p9_fd_create_tcp() and p9_fd_create_unix() will return an
error directly instead of releasing the cscoket, which will
result in a socket leak.

This patch adds sock_release() to fix the leak issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.33 < 4.9.335
LinuxLinux Kernel Version >= 4.10 < 4.14.301
LinuxLinux Kernel Version >= 4.15 < 4.19.268
LinuxLinux Kernel Version >= 4.20 < 5.4.226
LinuxLinux Kernel Version >= 5.5 < 5.10.158
LinuxLinux Kernel Version >= 5.11 < 5.15.82
LinuxLinux Kernel Version >= 5.16 < 6.0.12
LinuxLinux Kernel Version6.1 Updaterc1
LinuxLinux Kernel Version6.1 Updaterc2
LinuxLinux Kernel Version6.1 Updaterc3
LinuxLinux Kernel Version6.1 Updaterc4
LinuxLinux Kernel Version6.1 Updaterc5
LinuxLinux Kernel Version6.1 Updaterc6
LinuxLinux Kernel Version6.1 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.14
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/0396227f4daf4792a6a8aaa3b7771dc25c4cd443
Patch
https://git.kernel.org/stable/c/2d24d91b9f44620824fc37b766f7cae00ca32748
Patch
https://git.kernel.org/stable/c/8782b32ef867de7981bbe9e86ecb90e92e8780bd
Patch
https://git.kernel.org/stable/c/8b14bd0b500aec1458b51cb621c8e5fab3304260
Patch
https://git.kernel.org/stable/c/aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd
Patch
https://git.kernel.org/stable/c/dcc14cfd7debe11b825cb077e75d91d2575b4cb8
Patch
https://git.kernel.org/stable/c/ded893965b895b2dccd3d1436d8d3daffa23ea64
Patch
https://git.kernel.org/stable/c/e01c1542379fb395e7da53706df598f38905dfbf
Patch