CVE-2022-49853

MEDIUM EPSS 8.0%
Published May 1, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 1, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fix memory leaks of macvlan_common_newlink kmemleak reports memory leaks in macvlan_common_newlink, as follows: ip link add link eth0 name .. type macvlan mode source macaddr add <MAC-ADDR> kmemleak reports: unreferenced object 0xffff8880109bb140 (size 64): comm "ip", pid 284, jiffies 4294986150 (age 430.108s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 b8 aa 5a 12 80 88 ff ff ..........Z..... 80 1b fa 0d 80 88 ff ff 1e ff ac af c7 c1 6b 6b ..............kk backtrace: [<ffffffff813e06a7>] kmem_cache_alloc_trace+0x1c7/0x300 [<ffffffff81b66025>] macvlan_hash_add_source+0x45/0xc0 [<ffffffff81b66a67>] macvlan_changelink_sources+0xd7/0x170 [<ffffffff81b6775c>] macvlan_common_newlink+0x38c/0x5a0 [<ffffffff81b6797e>] macvlan_newlink+0xe/0x20 [<ffffffff81d97f8f>] __rtnl_newlink+0x7af/0xa50 [<ffffffff81d98278>] rtnl_newlink+0x48/0x70 ... In the scenario where the macvlan mode is configured as 'source', macvlan_changelink_sources() will be execured to reconfigure list of remote source mac addresses, at the same time, if register_netdevice() return an error, the resource generated by macvlan_changelink_sources() is not cleaned up. Using this patch, in the case of an error, it will execute macvlan_flush_sources() to ensure that the resource is cleaned up.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
8.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 11

VendorProductVersionRange
linuxlinux_kernel*≥4.9  –  <4.9.334
linuxlinux_kernel*≥4.10  –  <4.14.300
linuxlinux_kernel*≥4.15  –  <4.19.267
linuxlinux_kernel*≥4.20  –  <5.4.225
linuxlinux_kernel*≥5.5  –  <5.10.155
linuxlinux_kernel*≥5.11  –  <5.15.79
linuxlinux_kernel*≥5.16  –  <6.0.9
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/21d3a8b6a1e39e7529ce9de07316ee13a63f305b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/23569b5652ee8e8e55a12f7835f59af6f3cefc30
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/685e73e3f7a9fb75cbf049a9d0b7c45cc6b57b2e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/956e0216a19994443c90ba2ea6b0b284c9c4f9cb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9ea003c4671b2fc455320ecf6d4a43b0a3c1878a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9f288e338be206713d79b29144c27fca4503c39b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a81b44d1df1f07f00c0dcc0a0b3d2fa24a46289e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a8d67367ab33604326cc37ab44fd1801bf5691ba
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/21d3a8b6a1e39e7529ce9de07316ee13a63f305b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/23569b5652ee8e8e55a12f7835f59af6f3cefc30
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/685e73e3f7a9fb75cbf049a9d0b7c45cc6b57b2e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/956e0216a19994443c90ba2ea6b0b284c9c4f9cb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9ea003c4671b2fc455320ecf6d4a43b0a3c1878a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9f288e338be206713d79b29144c27fca4503c39b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a81b44d1df1f07f00c0dcc0a0b3d2fa24a46289e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a8d67367ab33604326cc37ab44fd1801bf5691ba
    Patch