CVE-2022-49183

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49183

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49183.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-49183

Downstream

DEBIAN-CVE-2022-49183

OESA-2025-1963

OESA-2025-1964

SUSE-SU-2025:1176-1

SUSE-SU-2025:1241-1

UBUNTU-CVE-2022-49183

Related

Published

2025-02-26T07:00:55Z

Modified

2025-08-09T20:01:27Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

net/sched: act_ct: fix ref leak when switching zones

When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcfctskbnfctcached() returns false and tcfctflowtablelookup() may simply overwrite it.

The fix is to, as the ct entry is not reusable, free it already at tcfctskbnfctcached().

References

Affected packages