Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-49867

Опубликовано: 01 мая 2025
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_wwan_dellink IOSM driver registers network device without setting the needs_free_netdev flag, and does NOT call free_netdev() when unregisters network device, which causes a memory leak. This patch sets needs_free_netdev to true when registers network device, which makes netdev subsystem call free_netdev() automatically after unregister_netdevice().

Отчет

This patch fixes a memory leak in the iosm WWAN driver. The driver failed to set needs_free_netdev = true when registering a network device, resulting in the memory not being freed during unregister_netdevice(). This oversight could lead to memory exhaustion over time if interfaces are frequently created and destroyed. The issue causes a kernel memory leak but does not involve privilege escalation, data corruption, or direct denial of service unless heavily exploited over time.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelFix deferred
Red Hat Enterprise Linux 9kernel-rtFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2363437kernel: net: wwan: iosm: fix memory leak in ipc_wwan_dellink

EPSS

Процентиль: 4%
0.00018
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-49867

CVSS3: 5.5
ubuntu
9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_wwan_dellink IOSM driver registers network device without setting the needs_free_netdev flag, and does NOT call free_netdev() when unregisters network device, which causes a memory leak. This patch sets needs_free_netdev to true when registers network device, which makes netdev subsystem call free_netdev() automatically after unregister_netdevice().

nvd логотип

CVE-2022-49867

CVSS3: 5.5
nvd
9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_wwan_dellink IOSM driver registers network device without setting the needs_free_netdev flag, and does NOT call free_netdev() when unregisters network device, which causes a memory leak. This patch sets needs_free_netdev to true when registers network device, which makes netdev subsystem call free_netdev() automatically after unregister_netdevice().

debian логотип

CVE-2022-49867

CVSS3: 5.5
debian
9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: n ...

github логотип

GHSA-2crp-r6g2-9c5p

CVSS3: 5.5
github
9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_wwan_dellink IOSM driver registers network device without setting the needs_free_netdev flag, and does NOT call free_netdev() when unregisters network device, which causes a memory leak. This patch sets needs_free_netdev to true when registers network device, which makes netdev subsystem call free_netdev() automatically after unregister_netdevice().

EPSS

Процентиль: 4%
0.00018
Низкий

5.5 Medium

CVSS3