CVE-2022-49461

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49461

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49461.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-49461

Downstream

DEBIAN-CVE-2022-49461

UBUNTU-CVE-2022-49461

Published

2025-02-26T02:13:08.342Z

Modified

2025-11-19T15:05:26.172448Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

amt: fix memory leak for advertisement message

Details

In the Linux kernel, the following vulnerability has been resolved:

amt: fix memory leak for advertisement message

When a gateway receives an advertisement message, it extracts relay information and then it should be freed. But the advertisement handler doesn't free it. So, memory leak would occur.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

cbc21dc1cfe949e37b2a54c71511579f1899e8d4

Fixed

19bb2d57eac86a368839a92117d8a10ab7183623

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

cbc21dc1cfe949e37b2a54c71511579f1899e8d4

Fixed

e7322da399fb86a2072f008b56f7160afa1b2051

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

cbc21dc1cfe949e37b2a54c71511579f1899e8d4

Fixed

fe29794c3585d039fefebaa2b5a4932a627ad4fd

Affected versions

v5.*

v5.15

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.17.1

v5.17.10

v5.17.11

v5.17.12

v5.17.13

v5.17.2

v5.17.3

v5.17.4

v5.17.5

v5.17.6

v5.17.7

v5.17.8

v5.17.9

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.18.1

v5.18.2

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "drivers/net/amt.c",
            "function": "amt_rcv"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fe29794c3585d039fefebaa2b5a4932a627ad4fd",
        "digest": {
            "length": 1636.0,
            "function_hash": "277948216773706633832190472538343673490"
        },
        "id": "CVE-2022-49461-6a2396c5"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "drivers/net/amt.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fe29794c3585d039fefebaa2b5a4932a627ad4fd",
        "digest": {
            "line_hashes": [
                "106078167564613226845992581493556743453",
                "147277747171874486733663086645485460150",
                "92026798755106503599046403763846351565",
                "333524308589830825090699284812132700408",
                "174410797052370291828604776794876642193",
                "115974806107790885178092206064291049404"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2022-49461-f3e1d903"
    }
]

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

5.17.14

Type: ECOSYSTEM
Events: Introduced

5.18.0

Fixed

5.18.3