{
  "threat_severity" : "Low",
  "public_date" : "2025-02-26T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: wireguard: socket: free skb in send6 when ipv6 is disabled",
    "id" : "2348284",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2348284"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-401",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nwireguard: socket: free skb in send6 when ipv6 is disabled\nI got a memory leak report:\nunreferenced object 0xffff8881191fc040 (size 232):\ncomm \"kworker/u17:0\", pid 23193, jiffies 4295238848 (age 3464.870s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\nbacktrace:\n[<ffffffff814c3ef4>] slab_post_alloc_hook+0x84/0x3b0\n[<ffffffff814c8977>] kmem_cache_alloc_node+0x167/0x340\n[<ffffffff832974fb>] __alloc_skb+0x1db/0x200\n[<ffffffff82612b5d>] wg_socket_send_buffer_to_peer+0x3d/0xc0\n[<ffffffff8260e94a>] wg_packet_send_handshake_initiation+0xfa/0x110\n[<ffffffff8260ec81>] wg_packet_handshake_send_worker+0x21/0x30\n[<ffffffff8119c558>] process_one_work+0x2e8/0x770\n[<ffffffff8119ca2a>] worker_thread+0x4a/0x4b0\n[<ffffffff811a88e0>] kthread+0x120/0x160\n[<ffffffff8100242f>] ret_from_fork+0x1f/0x30\nIn function wg_socket_send_buffer_as_reply_to_skb() or wg_socket_send_buffer_to_peer(), the semantics of send6() is required to free skb. But\nwhen CONFIG_IPV6 is disabled, kfree_skb() is missing. This patch adds it\nto fix this bug.", "A flaw was found in the WireGuard module in the Linux kernel. A memory leak can occur due to a missing memory release when the IPv6 (CONFIG_IPV6) support is disabled, potentially impacting system performance and possibly resulting in a denial of service." ],
  "statement" : "The WireGuard module is not built in the Linux kernel as shipped in Red Hat Enterprise Linux 6, 7 and 8, so this vulnerability does not affect these Red Hat Enterprise Linux versions.\nThis issue has been fixed in Red Hat Enterprise Linux 9.1 via RHSA-2022:8267 [1].\n[1]. https://access.redhat.com/errata/RHSA-2022:8267",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2022-11-15T00:00:00Z",
    "advisory" : "RHSA-2022:8267",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-162.6.1.el9_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2022-11-15T00:00:00Z",
    "advisory" : "RHSA-2022:8267",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-162.6.1.el9_1"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-49153\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49153\nhttps://lore.kernel.org/linux-cve-announce/2025022609-CVE-2022-49153-972a@gregkh/T" ],
  "name" : "CVE-2022-49153",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}