{
  "threat_severity" : "Moderate",
  "public_date" : "2025-05-01T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: net: macvlan: fix memory leaks of macvlan_common_newlink",
    "id" : "2363383",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2363383"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-401",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nnet: macvlan: fix memory leaks of macvlan_common_newlink\nkmemleak reports memory leaks in macvlan_common_newlink, as follows:\nip link add link eth0 name .. type macvlan mode source macaddr add\n<MAC-ADDR>\nkmemleak reports:\nunreferenced object 0xffff8880109bb140 (size 64):\ncomm \"ip\", pid 284, jiffies 4294986150 (age 430.108s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 b8 aa 5a 12 80 88 ff ff  ..........Z.....\n80 1b fa 0d 80 88 ff ff 1e ff ac af c7 c1 6b 6b  ..............kk\nbacktrace:\n[<ffffffff813e06a7>] kmem_cache_alloc_trace+0x1c7/0x300\n[<ffffffff81b66025>] macvlan_hash_add_source+0x45/0xc0\n[<ffffffff81b66a67>] macvlan_changelink_sources+0xd7/0x170\n[<ffffffff81b6775c>] macvlan_common_newlink+0x38c/0x5a0\n[<ffffffff81b6797e>] macvlan_newlink+0xe/0x20\n[<ffffffff81d97f8f>] __rtnl_newlink+0x7af/0xa50\n[<ffffffff81d98278>] rtnl_newlink+0x48/0x70\n...\nIn the scenario where the macvlan mode is configured as 'source',\nmacvlan_changelink_sources() will be executed to reconfigure list of\nremote source mac addresses, at the same time, if register_netdevice()\nreturns an error, the resource generated by macvlan_changelink_sources()\nis not cleaned up.\nUsing this patch, in the case of an error, it will execute\nmacvlan_flush_sources() to ensure that the resource is cleaned up." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-08-08T00:00:00Z",
    "advisory" : "RHSA-2023:4517",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-477.21.1.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-11-14T00:00:00Z",
    "advisory" : "RHSA-2023:7077",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-513.5.1.el8_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHSA-2023:2458",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-284.11.1.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHSA-2023:2458",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-284.11.1.el9_2"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-49853\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49853\nhttps://lore.kernel.org/linux-cve-announce/2025050144-CVE-2022-49853-a5ef@gregkh/T" ],
  "name" : "CVE-2022-49853",
  "csaw" : false
}