CVE-2022-48794

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48794
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48794.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-48794
Related
Published
2024-07-16T12:15:04Z
Modified
2024-09-18T03:22:36.531550Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net: ieee802154: at86rf230: Stop leaking skb's

Upon error the ieee802154xmitcomplete() helper is not called. Only ieee802154wakequeue() is called manually. In the Tx case we then leak the skb structure.

Free the skb structure upon error before returning when appropriate.

As the 'istx = 0' cannot be moved in the complete handler because of a possible race between the delay in switching to STATERXAACKON and a new interrupt, we introduce an intermediate 'was_tx' boolean just for this purpose.

There is no Fixes tag applying here, many changes have been made on this area and the issue kind of always existed.

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.103-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.16.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.16.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}