In the Linux kernel, the following vulnerability has been resolved:
sched/debug: fix dentry leak in updatescheddomain_debugfs
Kuyo reports that the pattern of using debugfsremove(debugfslookup()) leaks a dentry and with a hotplug stress test, the machine eventually runs out of memory.
Fix this up by using the newly created debugfslookupand_remove() call instead which properly handles the dentry reference counting logic.
{ "vanir_signatures": [ { "id": "CVE-2022-48699-20543b9f", "signature_type": "Line", "target": { "file": "kernel/sched/debug.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "335682554519038736777805701924133760336", "218003420231430538189937597886040161107", "178672094163537652111454269795082152830", "244770854602130643603617068023913217466" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@26e9a1ded8923510e5529fbb28390b22228700c2" }, { "id": "CVE-2022-48699-2a54935e", "signature_type": "Line", "target": { "file": "kernel/sched/debug.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "335682554519038736777805701924133760336", "218003420231430538189937597886040161107", "178672094163537652111454269795082152830", "244770854602130643603617068023913217466" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c2e406596571659451f4b95e37ddfd5a8ef1d0dc" }, { "id": "CVE-2022-48699-4d4b1617", "signature_type": "Function", "target": { "file": "kernel/sched/debug.c", "function": "update_sched_domain_debugfs" }, "signature_version": "v1", "digest": { "length": 738.0, "function_hash": "180332699981170611208714434687332266618" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@26e9a1ded8923510e5529fbb28390b22228700c2" }, { "id": "CVE-2022-48699-653a0237", "signature_type": "Function", "target": { "file": "kernel/sched/debug.c", "function": "update_sched_domain_debugfs" }, "signature_version": "v1", "digest": { "length": 738.0, "function_hash": "180332699981170611208714434687332266618" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c2e406596571659451f4b95e37ddfd5a8ef1d0dc" } ] }