CVE-2022-48643

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48643
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48643.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48643
Downstream
Published
2024-04-28T13:00:03.181Z
Modified
2025-11-28T06:35:39.006574Z
Summary
netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain()
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nftables: fix nftcountersenabled underflow at nftables_addchain()

syzbot is reporting underflow of nftcountersenabled counter at nftablesaddchain() [1], for commit 43eb8949cfdffa76 ("netfilter: nftables: do not leave chain stats enabled on error") missed that nftableschaindestroy() after nftbasechaininit() in the error path of nftablesaddchain() decrements the counter because nftbasechaininit() makes nftisbasechain() return true by setting NFTCHAIN_BASE flag.

Increment the counter immediately after returning from nftbasechaininit().

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48643.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c907dfe4eaca9665694a0340de1458a093abe354
Fixed
710e3f526bd23a0d33435dedc52c3144de284378
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6d7ddee503951641f3ec6f0e3269446970bbcdab
Fixed
91aa52652f4b37089aff3cb53e83049d826fef6d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
98a621ef45e3605c7487f7fa6fec7df94697d6a2
Fixed
8bcad2a931313aeba076b76922d5813ef97d0a91
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
43eb8949cfdffa764b92bc6c54b87cbe5b0003fe
Fixed
921ebde3c0d22c8cba74ce8eb3cc4626abff1ccd

Affected versions

v5.*

v5.10.140
v5.10.141
v5.10.142
v5.10.143
v5.10.144
v5.10.145
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.70
v5.19.10
v5.19.11
v5.19.6
v5.19.7
v5.19.8
v5.19.9

v6.*

v6.0-rc2
v6.0-rc3
v6.0-rc4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48643.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.10.140
Fixed
5.10.146
Type
ECOSYSTEM
Events
Introduced
5.15.64
Fixed
5.15.71
Type
ECOSYSTEM
Events
Introduced
5.19.6
Fixed
5.19.12

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48643.json"