CVE-2022-49807
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49807
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49807.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49807
- Downstream
- Related
- Published
- 2025-05-01T14:09:33Z
- Modified
- 2025-10-21T11:02:43.499104Z
- Summary
- nvmet: fix a memory leak in nvmet_auth_set_key
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
nvmet: fix a memory leak in nvmetauthset_key
When changing dhchap secrets we need to release the old secrets as well.
kmemleak complaint:
unreferenced object 0xffff8c7f44ed8180 (size 64): comm "check", pid 7304, jiffies 4295686133 (age 72034.246s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 4c 64 4c 4f 64 71 DHHC-1:00:LdLOdq 79 56 69 67 77 48 55 32 6d 5a 59 4c 7a 35 59 38 yVigwHU2mZYLz5Y8 backtrace: [<00000000b6fc5071>] kstrdup+0x2e/0x60 [<00000000f0f4633f>] 0xffffffffc0e07ee6 [<0000000053006c05>] 0xffffffffc0dff783 [<00000000419ae922>] configfswriteiter+0xb1/0x120 [<000000008183c424>] vfswrite+0x2be/0x3c0 [<000000009005a2a5>] ksyswrite+0x5f/0xe0 [<00000000cd495c89>] dosyscall64+0x38/0x90 [<00000000f2a84ac5>] entrySYSCALL64afterhwframe+0x63/0xcd
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceddb1312dd95488b5e6ff362ff66fcf953a46b1821Fixed65710ea51d4a185592c7b14c9e33d0c4a364f074
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceddb1312dd95488b5e6ff362ff66fcf953a46b1821Fixed0a52566279b4ee65ecd2503d7b7342851f84755c
Affected versions
v6.*
Database specific
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65710ea51d4a185592c7b14c9e33d0c4a364f074",
"signature_version": "v1",
"id": "CVE-2022-49807-41eca3cd",
"signature_type": "Function",
"digest": {
"function_hash": "9303818660452608797514850337325054665",
"length": 714.0
},
"deprecated": false,
"target": {
"function": "nvmet_auth_set_key",
"file": "drivers/nvme/target/auth.c"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0a52566279b4ee65ecd2503d7b7342851f84755c",
"signature_version": "v1",
"id": "CVE-2022-49807-6b3dbaea",
"signature_type": "Function",
"digest": {
"function_hash": "9303818660452608797514850337325054665",
"length": 714.0
},
"deprecated": false,
"target": {
"function": "nvmet_auth_set_key",
"file": "drivers/nvme/target/auth.c"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0a52566279b4ee65ecd2503d7b7342851f84755c",
"signature_version": "v1",
"id": "CVE-2022-49807-a8c8deb8",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"58139804318643666065042805592120298913",
"338964945476081180959843579212116475118",
"261996847408001185765204949622256409990",
"236083934876003019503054872503439585457",
"135123174525048424957657099341202673790",
"299051368742043449208634165519251650700",
"136057234313613908622242941384151851877"
]
},
"deprecated": false,
"target": {
"file": "drivers/nvme/target/auth.c"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65710ea51d4a185592c7b14c9e33d0c4a364f074",
"signature_version": "v1",
"id": "CVE-2022-49807-db8a18ab",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"58139804318643666065042805592120298913",
"338964945476081180959843579212116475118",
"261996847408001185765204949622256409990",
"236083934876003019503054872503439585457",
"135123174525048424957657099341202673790",
"299051368742043449208634165519251650700",
"136057234313613908622242941384151851877"
]
},
"deprecated": false,
"target": {
"file": "drivers/nvme/target/auth.c"
}
}
]