CVE-2022-49183

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49183
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49183.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49183
Downstream
Related
Published
2025-02-26T07:00:55Z
Modified
2025-08-09T20:01:27Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net/sched: act_ct: fix ref leak when switching zones

When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcfctskbnfctcached() returns false and tcfctflowtablelookup() may simply overwrite it.

The fix is to, as the ct entry is not reusable, free it already at tcfctskbnfctcached().

References

Affected packages