CVE-2022-49153
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49153
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49153.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49153
- Downstream
- Related
- Published
- 2025-02-26T07:00:52Z
- Modified
- 2025-10-01T20:15:52Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
wireguard: socket: free skb in send6 when ipv6 is disabled
I got a memory leak report:
unreferenced object 0xffff8881191fc040 (size 232): comm "kworker/u17:0", pid 23193, jiffies 4295238848 (age 3464.870s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<ffffffff814c3ef4>] slabpostallochook+0x84/0x3b0 [<ffffffff814c8977>] kmemcacheallocnode+0x167/0x340 [<ffffffff832974fb>] _allocskb+0x1db/0x200 [<ffffffff82612b5d>] wgsocketsendbuffertopeer+0x3d/0xc0 [<ffffffff8260e94a>] wgpacketsendhandshakeinitiation+0xfa/0x110 [<ffffffff8260ec81>] wgpackethandshakesendworker+0x21/0x30 [<ffffffff8119c558>] processonework+0x2e8/0x770 [<ffffffff8119ca2a>] workerthread+0x4a/0x4b0 [<ffffffff811a88e0>] kthread+0x120/0x160 [<ffffffff8100242f>] retfromfork+0x1f/0x30
In function wgsocketsendbufferasreplytoskb() or wgsocketsend buffertopeer(), the semantics of send6() is required to free skb. But when CONFIGIPV6 is disable, kfreeskb() is missing. This patch adds it to fix this bug.
- References
-
- https://git.kernel.org/stable/c/096f9d35cac0a0c95ffafc00db84786b665a4837
- https://git.kernel.org/stable/c/0b19bcb753dbfb74710d12bb2761ec5ed706c726
- https://git.kernel.org/stable/c/402991a9771587acc2947cf6c4d689c5397f2258
- https://git.kernel.org/stable/c/bbbf962d9460194993ee1943a793a0a0af4a7fbf
- https://git.kernel.org/stable/c/ebcc492f4ba14bae54b898f1016a37b4282558d1