CVE-2022-49020
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49020
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49020.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49020
- Related
- Published
- 2024-10-21T20:15:13Z
- Modified
- 2024-10-24T21:50:22.257683Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net/9p: Fix a potential socket leak in p9socketopen
Both p9fdcreatetcp() and p9fdcreateunix() will call p9socketopen(). If the creation of p9transfd fails, p9fdcreatetcp() and p9fdcreateunix() will return an error directly instead of releasing the cscoket, which will result in a socket leak.
This patch adds sock_release() to fix the leak issue.
- References
-
- https://git.kernel.org/stable/c/0396227f4daf4792a6a8aaa3b7771dc25c4cd443
- https://git.kernel.org/stable/c/2d24d91b9f44620824fc37b766f7cae00ca32748
- https://git.kernel.org/stable/c/8782b32ef867de7981bbe9e86ecb90e92e8780bd
- https://git.kernel.org/stable/c/8b14bd0b500aec1458b51cb621c8e5fab3304260
- https://git.kernel.org/stable/c/aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd
- https://git.kernel.org/stable/c/dcc14cfd7debe11b825cb077e75d91d2575b4cb8
- https://git.kernel.org/stable/c/ded893965b895b2dccd3d1436d8d3daffa23ea64
- https://git.kernel.org/stable/c/e01c1542379fb395e7da53706df598f38905dfbf
- https://security-tracker.debian.org/tracker/CVE-2022-49020
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.158-1
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source