CVE-2022-49183

MEDIUM · CVSS 3.1: 5.5 · EPSS 15.8%
Published Feb 26, 2025 (1y ago) · Last Modified Jun 17, 2026 (2w ago)

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sched: act_ct: fix ref leak when switching zones

When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcf_ct_skb_nfct_cached() returns false and tcf_ct_flow_table_lookup() may simply overwrite it.

The fix is to, as the ct entry is not reusable, free it already at tcf_ct_skb_nfct_cached().

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
15.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 4

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥5.10.103 – <5.11
linux    linux_kernel   *         ≥5.15.26 – <5.15.33
linux    linux_kernel   *         ≥5.16.12 – ≤5.16.19
linux    linux_kernel   *         ≥5.17 – ≤5.17.2

References 5

  • git.kernel.org https://git.kernel.org/stable/c/4bb42d73def9411e5cad885b9811987d72431df1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9222a08be539cbb7a8e0d46cbc7ab9e4db273eb8
  • git.kernel.org https://git.kernel.org/stable/c/b24793a37d91aacad7cb9893b226a7924a89636a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bcb74e132a76ce0502bb33d5b65533a4ed72d159
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bcbf4e5c3b5b373cd61528392dd1ec8e9c0fd33d
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/4bb42d73def9411e5cad885b9811987d72431df1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b24793a37d91aacad7cb9893b226a7924a89636a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bcb74e132a76ce0502bb33d5b65533a4ed72d159
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bcbf4e5c3b5b373cd61528392dd1ec8e9c0fd33d
    Patch