Vulnerabilities > CVE-2022-49020 - Memory Leak vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix a potential socket leak in p9_socket_open Both p9_fd_create_tcp() and p9_fd_create_unix() will call p9_socket_open(). If the creation of p9_trans_fd fails, p9_fd_create_tcp() and p9_fd_create_unix() will return an error directly instead of releasing the cscoket, which will result in a socket leak. This patch adds sock_release() to fix the leak issue.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/0396227f4daf4792a6a8aaa3b7771dc25c4cd443
- https://git.kernel.org/stable/c/ded893965b895b2dccd3d1436d8d3daffa23ea64
- https://git.kernel.org/stable/c/8b14bd0b500aec1458b51cb621c8e5fab3304260
- https://git.kernel.org/stable/c/2d24d91b9f44620824fc37b766f7cae00ca32748
- https://git.kernel.org/stable/c/e01c1542379fb395e7da53706df598f38905dfbf
- https://git.kernel.org/stable/c/8782b32ef867de7981bbe9e86ecb90e92e8780bd
- https://git.kernel.org/stable/c/aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd
- https://git.kernel.org/stable/c/dcc14cfd7debe11b825cb077e75d91d2575b4cb8