{ "threat_severity" : "Moderate", "public_date" : "2025-12-24T00:00:00Z", "bugzilla" : { "description" : "kernel: Linux kernel: Denial of Service due to memory leak in netdevsim", "id" : "2425158", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2425158" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-772", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nnetdevsim: fix memory leak in nsim_bus_dev_new()\nIf device_register() failed in nsim_bus_dev_new(), the value of reference\nin nsim_bus_dev->dev is 1. obj->name in nsim_bus_dev->dev will not be\nreleased.\nunreferenced object 0xffff88810352c480 (size 16):\ncomm \"echo\", pid 5691, jiffies 4294945921 (age 133.270s)\nhex dump (first 16 bytes):\n6e 65 74 64 65 76 73 69 6d 31 00 00 00 00 00 00 netdevsim1......\nbacktrace:\n[<000000005e2e5e26>] __kmalloc_node_track_caller+0x3a/0xb0\n[<0000000094ca4fc8>] kvasprintf+0xc3/0x160\n[<00000000aad09bcc>] kvasprintf_const+0x55/0x180\n[<000000009bac868d>] kobject_set_name_vargs+0x56/0x150\n[<000000007c1a5d70>] dev_set_name+0xbb/0xf0\n[<00000000ad0d126b>] device_add+0x1f8/0x1cb0\n[<00000000c222ae24>] new_device_store+0x3b6/0x5e0\n[<0000000043593421>] bus_attr_store+0x72/0xa0\n[<00000000cbb1833a>] sysfs_kf_write+0x106/0x160\n[<00000000d0dedb8a>] kernfs_fop_write_iter+0x3a8/0x5a0\n[<00000000770b66e2>] vfs_write+0x8f0/0xc80\n[<0000000078bb39be>] ksys_write+0x106/0x210\n[<00000000005e55a4>] do_syscall_64+0x35/0x80\n[<00000000eaa40bbc>] entry_SYSCALL_64_after_hwframe+0x46/0xb0", "A flaw was found in the Linux kernel's netdevsim component. A local user could exploit a memory leak vulnerability within the `nsim_bus_dev_new()` function. This occurs when `device_register()` fails, leading to an unreleased object name. This memory leak could potentially lead to a Denial of Service (DoS) on the system." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Fix deferred", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-50772\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50772\nhttps://lore.kernel.org/linux-cve-announce/2025122458-CVE-2022-50772-774d@gregkh/T" ], "name" : "CVE-2022-50772", "csaw" : false }