In the Linux kernel, the following vulnerability has been resolved:
netfilter: nftables: fix percpu memory leak at nftables_addchain()
It seems to me that percpu memory for chain stats started leaking since commit 3bc158f8d0330f0a ("netfilter: nftables: map basechain priority to hardware priority") when nftchainoffloadpriority() returned an error.
[ { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9a4d6dd554b86e65581ef6b6638a39ae079b17ac", "signature_version": "v1", "target": { "function": "nf_tables_addchain", "file": "net/netfilter/nf_tables_api.c" }, "digest": { "function_hash": "42384173895106465877995026462746217463", "length": 2840.0 }, "id": "CVE-2022-48642-2d7be8df" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@985b031667c3177b9e7fb9787b989628e4271714", "signature_version": "v1", "target": { "file": "net/netfilter/nf_tables_api.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "204587774008535719788252580989962843675", "123929436361683685537328161015063187912", "121443924845365930011198963642849191692", "115761660287870625849458945705454019517" ] }, "id": "CVE-2022-48642-5ba304bc" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@985b031667c3177b9e7fb9787b989628e4271714", "signature_version": "v1", "target": { "function": "nf_tables_addchain", "file": "net/netfilter/nf_tables_api.c" }, "digest": { "function_hash": "42384173895106465877995026462746217463", "length": 2840.0 }, "id": "CVE-2022-48642-963e8555" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9a4d6dd554b86e65581ef6b6638a39ae079b17ac", "signature_version": "v1", "target": { "file": "net/netfilter/nf_tables_api.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "204587774008535719788252580989962843675", "123929436361683685537328161015063187912", "121443924845365930011198963642849191692", "115761660287870625849458945705454019517" ] }, "id": "CVE-2022-48642-9a8f5878" } ]