CVE-2022-48641

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48641
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48641.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-48641
Downstream
Published
2024-04-28T12:59:53Z
Modified
2025-10-21T08:37:45.379970Z
Summary
netfilter: ebtables: fix memory leak when blob is malformed
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ebtables: fix memory leak when blob is malformed

The bug fix was incomplete, it "replaced" crash with a memory leak. The old code had an assignment to "ret" embedded into the conditional, restore this.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
afd01382594d643e1adeb16826423b418cdf8b8b
Fixed
754e8b74281dd54a324698803483f47cf3355ae1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
358765beb836f5fc2ed26b5df4140d5d3548ac11
Fixed
1e98318af2f163eadaff815abcef38d27ca92c1e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
160c4eb47db03b96c0c425358e7595ebefe8094d
Fixed
11ebf32fde46572b0aaf3c2bdd97d923ef5a03ab
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
624c30521233e110cf50ba01980a591e045036ae
Fixed
ebd97dbe3c55d68346b9c5fb00634a7f5b10bbee
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1b2c5428f773d60c116c7b1e390432e0cfb63cd6
Fixed
d5917b7af7cae0e2804f9d127a03268035098b7f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e53cfa017bf4575d0b948a8f45313ef66d897136
Fixed
38cf372b17f0a5f35c1b716a100532d539f0eb33
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7997eff82828304b780dc0a39707e1946d6f1ebf
Fixed
62ce44c4fff947eebdf10bb582267e686e6835c9

Affected versions

v4.*

v4.14.292
v4.14.293
v4.14.294
v4.19.257
v4.19.258
v4.19.259

v5.*

v5.10.140
v5.10.141
v5.10.142
v5.10.143
v5.10.144
v5.10.145
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.70
v5.19.10
v5.19.11
v5.19.6
v5.19.7
v5.19.8
v5.19.9
v5.4.212
v5.4.213
v5.4.214

v6.*

v6.0-rc2
v6.0-rc3
v6.0-rc4

Database specific

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ebd97dbe3c55d68346b9c5fb00634a7f5b10bbee",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-04cd5269",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "116360368862217983692841477592907717436",
                "193575990643682738978735358150531986094",
                "162183682769245979509433729734594350803",
                "321667255052587236845468126402922014195",
                "278493199250963135834400483241252879844"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1e98318af2f163eadaff815abcef38d27ca92c1e",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-0d298591",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "116360368862217983692841477592907717436",
                "193575990643682738978735358150531986094",
                "162183682769245979509433729734594350803",
                "321667255052587236845468126402922014195",
                "278493199250963135834400483241252879844"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@62ce44c4fff947eebdf10bb582267e686e6835c9",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-198dc1a2",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "116360368862217983692841477592907717436",
                "193575990643682738978735358150531986094",
                "162183682769245979509433729734594350803",
                "321667255052587236845468126402922014195",
                "278493199250963135834400483241252879844"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@38cf372b17f0a5f35c1b716a100532d539f0eb33",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "do_replace_finish",
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-1db95fd2",
        "signature_type": "Function",
        "digest": {
            "length": 1936.0,
            "function_hash": "56488394618836159328920201558144363762"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1e98318af2f163eadaff815abcef38d27ca92c1e",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "do_replace_finish",
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-2f64f0f8",
        "signature_type": "Function",
        "digest": {
            "length": 2026.0,
            "function_hash": "29241946568672347149418029132072164865"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@754e8b74281dd54a324698803483f47cf3355ae1",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-3c31734c",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "116360368862217983692841477592907717436",
                "193575990643682738978735358150531986094",
                "162183682769245979509433729734594350803",
                "321667255052587236845468126402922014195",
                "278493199250963135834400483241252879844"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d5917b7af7cae0e2804f9d127a03268035098b7f",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "do_replace_finish",
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-3d242029",
        "signature_type": "Function",
        "digest": {
            "length": 1923.0,
            "function_hash": "340044601904635616575394178023412654414"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11ebf32fde46572b0aaf3c2bdd97d923ef5a03ab",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-44f83e30",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "116360368862217983692841477592907717436",
                "193575990643682738978735358150531986094",
                "162183682769245979509433729734594350803",
                "321667255052587236845468126402922014195",
                "278493199250963135834400483241252879844"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11ebf32fde46572b0aaf3c2bdd97d923ef5a03ab",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "do_replace_finish",
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-466604d7",
        "signature_type": "Function",
        "digest": {
            "length": 2026.0,
            "function_hash": "29241946568672347149418029132072164865"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d5917b7af7cae0e2804f9d127a03268035098b7f",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-91ec44f0",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "116360368862217983692841477592907717436",
                "193575990643682738978735358150531986094",
                "162183682769245979509433729734594350803",
                "321667255052587236845468126402922014195",
                "278493199250963135834400483241252879844"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ebd97dbe3c55d68346b9c5fb00634a7f5b10bbee",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "do_replace_finish",
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-92cffbf9",
        "signature_type": "Function",
        "digest": {
            "length": 1923.0,
            "function_hash": "340044601904635616575394178023412654414"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@754e8b74281dd54a324698803483f47cf3355ae1",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "do_replace_finish",
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-9d394173",
        "signature_type": "Function",
        "digest": {
            "length": 2286.0,
            "function_hash": "62464908233271940082616908653925627523"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@38cf372b17f0a5f35c1b716a100532d539f0eb33",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-a03c3208",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "116360368862217983692841477592907717436",
                "193575990643682738978735358150531986094",
                "162183682769245979509433729734594350803",
                "321667255052587236845468126402922014195",
                "278493199250963135834400483241252879844"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@62ce44c4fff947eebdf10bb582267e686e6835c9",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "do_replace_finish",
            "file": "net/bridge/netfilter/ebtables.c"
        },
        "id": "CVE-2022-48641-befb4274",
        "signature_type": "Function",
        "digest": {
            "length": 1936.0,
            "function_hash": "56488394618836159328920201558144363762"
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.14.292
Fixed
4.14.295
Type
ECOSYSTEM
Events
Introduced
4.19.257
Fixed
4.19.260
Type
ECOSYSTEM
Events
Introduced
5.4.212
Fixed
5.4.215
Type
ECOSYSTEM
Events
Introduced
5.10.140
Fixed
5.10.146
Type
ECOSYSTEM
Events
Introduced
5.15.64
Fixed
5.15.71
Type
ECOSYSTEM
Events
Introduced
5.19.6
Fixed
5.19.12