CVE-2022-49153

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49153
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49153.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49153
Downstream
Related
Published
2025-02-26T01:55:18Z
Modified
2025-10-14T21:56:27.212292Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
wireguard: socket: free skb in send6 when ipv6 is disabled
Details

In the Linux kernel, the following vulnerability has been resolved:

wireguard: socket: free skb in send6 when ipv6 is disabled

I got a memory leak report:

unreferenced object 0xffff8881191fc040 (size 232): comm "kworker/u17:0", pid 23193, jiffies 4295238848 (age 3464.870s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<ffffffff814c3ef4>] slabpostallochook+0x84/0x3b0 [<ffffffff814c8977>] kmemcacheallocnode+0x167/0x340 [<ffffffff832974fb>] _allocskb+0x1db/0x200 [<ffffffff82612b5d>] wgsocketsendbuffertopeer+0x3d/0xc0 [<ffffffff8260e94a>] wgpacketsendhandshakeinitiation+0xfa/0x110 [<ffffffff8260ec81>] wgpackethandshakesendworker+0x21/0x30 [<ffffffff8119c558>] processonework+0x2e8/0x770 [<ffffffff8119ca2a>] workerthread+0x4a/0x4b0 [<ffffffff811a88e0>] kthread+0x120/0x160 [<ffffffff8100242f>] retfromfork+0x1f/0x30

In function wgsocketsendbufferasreplytoskb() or wgsocketsend buffertopeer(), the semantics of send6() is required to free skb. But when CONFIGIPV6 is disable, kfreeskb() is missing. This patch adds it to fix this bug.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e7096c131e5161fa3b8e52a650d7719d2857adfd
Fixed
096f9d35cac0a0c95ffafc00db84786b665a4837
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e7096c131e5161fa3b8e52a650d7719d2857adfd
Fixed
402991a9771587acc2947cf6c4d689c5397f2258
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e7096c131e5161fa3b8e52a650d7719d2857adfd
Fixed
ebcc492f4ba14bae54b898f1016a37b4282558d1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e7096c131e5161fa3b8e52a650d7719d2857adfd
Fixed
0b19bcb753dbfb74710d12bb2761ec5ed706c726
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e7096c131e5161fa3b8e52a650d7719d2857adfd
Fixed
bbbf962d9460194993ee1943a793a0a0af4a7fbf

Affected versions

v5.*

v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.10.1
v5.10.10
v5.10.100
v5.10.101
v5.10.102
v5.10.103
v5.10.104
v5.10.105
v5.10.106
v5.10.107
v5.10.108
v5.10.109
v5.10.11
v5.10.12
v5.10.13
v5.10.14
v5.10.15
v5.10.16
v5.10.17
v5.10.18
v5.10.19
v5.10.2
v5.10.20
v5.10.21
v5.10.22
v5.10.23
v5.10.24
v5.10.25
v5.10.26
v5.10.27
v5.10.28
v5.10.29
v5.10.3
v5.10.30
v5.10.31
v5.10.32
v5.10.33
v5.10.34
v5.10.35
v5.10.36
v5.10.37
v5.10.38
v5.10.39
v5.10.4
v5.10.40
v5.10.41
v5.10.42
v5.10.43
v5.10.44
v5.10.45
v5.10.46
v5.10.47
v5.10.48
v5.10.49
v5.10.5
v5.10.50
v5.10.51
v5.10.52
v5.10.53
v5.10.54
v5.10.55
v5.10.56
v5.10.57
v5.10.58
v5.10.59
v5.10.6
v5.10.60
v5.10.61
v5.10.62
v5.10.63
v5.10.64
v5.10.65
v5.10.66
v5.10.67
v5.10.68
v5.10.69
v5.10.7
v5.10.70
v5.10.71
v5.10.72
v5.10.73
v5.10.74
v5.10.75
v5.10.76
v5.10.77
v5.10.78
v5.10.79
v5.10.8
v5.10.80
v5.10.81
v5.10.82
v5.10.83
v5.10.84
v5.10.85
v5.10.86
v5.10.87
v5.10.88
v5.10.89
v5.10.9
v5.10.90
v5.10.91
v5.10.92
v5.10.93
v5.10.94
v5.10.95
v5.10.96
v5.10.97
v5.10.98
v5.10.99
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.12
v5.16.13
v5.16.14
v5.16.15
v5.16.16
v5.16.17
v5.16.18
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
v5.5
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8

Database specific

{
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "drivers/net/wireguard/socket.c"
            },
            "id": "CVE-2022-49153-0ab027bf",
            "digest": {
                "line_hashes": [
                    "246397572943629216418274453019387402008",
                    "329086242801932719278189082289470966688",
                    "126234414428435301143627832481254858723",
                    "270317083931049644052843056272809739170"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@096f9d35cac0a0c95ffafc00db84786b665a4837"
        },
        {
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "drivers/net/wireguard/socket.c"
            },
            "id": "CVE-2022-49153-28795bb9",
            "digest": {
                "line_hashes": [
                    "246397572943629216418274453019387402008",
                    "329086242801932719278189082289470966688",
                    "126234414428435301143627832481254858723",
                    "270317083931049644052843056272809739170"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0b19bcb753dbfb74710d12bb2761ec5ed706c726"
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "drivers/net/wireguard/socket.c",
                "function": "send6"
            },
            "id": "CVE-2022-49153-424e8153",
            "digest": {
                "length": 1569.0,
                "function_hash": "117022466358305336387956238157619171905"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@402991a9771587acc2947cf6c4d689c5397f2258"
        },
        {
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "drivers/net/wireguard/socket.c"
            },
            "id": "CVE-2022-49153-56c55c7b",
            "digest": {
                "line_hashes": [
                    "246397572943629216418274453019387402008",
                    "329086242801932719278189082289470966688",
                    "126234414428435301143627832481254858723",
                    "270317083931049644052843056272809739170"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@402991a9771587acc2947cf6c4d689c5397f2258"
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "drivers/net/wireguard/socket.c",
                "function": "send6"
            },
            "id": "CVE-2022-49153-6b4557f6",
            "digest": {
                "length": 1569.0,
                "function_hash": "117022466358305336387956238157619171905"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ebcc492f4ba14bae54b898f1016a37b4282558d1"
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "drivers/net/wireguard/socket.c",
                "function": "send6"
            },
            "id": "CVE-2022-49153-709d7034",
            "digest": {
                "length": 1569.0,
                "function_hash": "117022466358305336387956238157619171905"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0b19bcb753dbfb74710d12bb2761ec5ed706c726"
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "drivers/net/wireguard/socket.c",
                "function": "send6"
            },
            "id": "CVE-2022-49153-768c87f7",
            "digest": {
                "length": 1569.0,
                "function_hash": "117022466358305336387956238157619171905"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bbbf962d9460194993ee1943a793a0a0af4a7fbf"
        },
        {
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "drivers/net/wireguard/socket.c"
            },
            "id": "CVE-2022-49153-adf053a7",
            "digest": {
                "line_hashes": [
                    "246397572943629216418274453019387402008",
                    "329086242801932719278189082289470966688",
                    "126234414428435301143627832481254858723",
                    "270317083931049644052843056272809739170"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bbbf962d9460194993ee1943a793a0a0af4a7fbf"
        },
        {
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "drivers/net/wireguard/socket.c"
            },
            "id": "CVE-2022-49153-e8e825cb",
            "digest": {
                "line_hashes": [
                    "246397572943629216418274453019387402008",
                    "329086242801932719278189082289470966688",
                    "126234414428435301143627832481254858723",
                    "270317083931049644052843056272809739170"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ebcc492f4ba14bae54b898f1016a37b4282558d1"
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "drivers/net/wireguard/socket.c",
                "function": "send6"
            },
            "id": "CVE-2022-49153-f9cc6e8a",
            "digest": {
                "length": 1582.0,
                "function_hash": "225893862755924077507213772601262376303"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@096f9d35cac0a0c95ffafc00db84786b665a4837"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.6.0
Fixed
5.10.110
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.33
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.19
Type
ECOSYSTEM
Events
Introduced
5.17.0
Fixed
5.17.2