CVE-2022-49803

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49803

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49803.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-49803

Downstream

DEBIAN-CVE-2022-49803

UBUNTU-CVE-2022-49803

Published

2025-05-01T14:09:30.971Z

Modified

2025-12-04T17:45:53.248126Z

Summary

netdevsim: Fix memory leak of nsim_dev->fa_cookie

Details

In the Linux kernel, the following vulnerability has been resolved:

netdevsim: Fix memory leak of nsimdev->facookie

kmemleak reports this issue:

unreferenced object 0xffff8881bac872d0 (size 8): comm "sh", pid 58603, jiffies 4481524462 (age 68.065s) hex dump (first 8 bytes): 04 00 00 00 de ad be ef ........ backtrace: [<00000000c80b8577>] _kmalloc+0x49/0x150 [<000000005292b8c6>] nsimdevtrapfacookiewrite+0xc1/0x210 [netdevsim] [<0000000093d78e77>] fullproxywrite+0xf3/0x180 [<000000005a662c16>] vfswrite+0x1c5/0xaf0 [<000000007aabf84a>] ksyswrite+0xed/0x1c0 [<000000005f1d2e47>] dosyscall64+0x3b/0x90 [<000000006001c6ec>] entrySYSCALL64afterhwframe+0x63/0xcd

The issue occurs in the following scenarios:

nsimdevtrapfacookiewrite() kmalloc() facookie nsimdev->facookie = facookie .. nsimdrv_remove()

The facookie allocked in nsimdevtrapfacookiewrite() is not freed. To fix, add kfree(nsimdev->facookie) to nsimdrvremove().

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49803.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

d3cbb907ae57fe5da314b51d949b617b538bdeae

Fixed

207edad5717e0a5709ce8467f0eff41c607835c9

Fixed

064bc7312bd09a48798418663090be0c776183db

Affected versions

v5.*

v5.10

v5.10-rc1

v5.10-rc2

v5.10-rc3

v5.10-rc4

v5.10-rc5

v5.10-rc6

v5.10-rc7

v5.11

v5.11-rc1

v5.11-rc2

v5.11-rc3

v5.11-rc4

v5.11-rc5

v5.11-rc6

v5.11-rc7

v5.12

v5.12-rc1

v5.12-rc1-dontuse

v5.12-rc2

v5.12-rc3

v5.12-rc4

v5.12-rc5

v5.12-rc6

v5.12-rc7

v5.12-rc8

v5.13

v5.13-rc1

v5.13-rc2

v5.13-rc3

v5.13-rc4

v5.13-rc5

v5.13-rc6

v5.13-rc7

v5.14

v5.14-rc1

v5.14-rc2

v5.14-rc3

v5.14-rc4

v5.14-rc5

v5.14-rc6

v5.14-rc7

v5.15

v5.15-rc1

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v5.6

v5.6-rc3

v5.6-rc4

v5.6-rc5

v5.6-rc6

v5.6-rc7

v5.7

v5.7-rc1

v5.7-rc2

v5.7-rc3

v5.7-rc4

v5.7-rc5

v5.7-rc6

v5.7-rc7

v5.8

v5.8-rc1

v5.8-rc2

v5.8-rc3

v5.8-rc4

v5.8-rc5

v5.8-rc6

v5.8-rc7

v5.9

v5.9-rc1

v5.9-rc2

v5.9-rc3

v5.9-rc4

v5.9-rc5

v5.9-rc6

v5.9-rc7

v5.9-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.0.1

v6.0.2

v6.0.3

v6.0.4

v6.0.5

v6.0.6

v6.0.7

v6.0.8

v6.0.9

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.7.0

Fixed

6.0.10