CVE-2022-48642 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain() It seems to me that percpu memory for chain stats started leaking since commit 3bc158f8d0330f0a ("netfilter: nf_tables: map basechain priority to hardware priority") when nft_chain_offload_priority() returned an error.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852
https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714
https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac
https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88
https://lore.kernel.org/linux-cve-announce/2024042856-CVE-2022-48642-b65b@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-48642
https://www.cve.org/CVERecord?id=CVE-2022-48642

History

No history.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-28T12:59:57.575Z

Updated: 2024-08-03T15:17:55.652Z

Reserved: 2024-02-25T13:44:28.316Z

Link: CVE-2022-48642

Vulnrichment

Updated: 2024-08-03T15:17:55.652Z

NVD

Status : Awaiting Analysis

Published: 2024-04-28T13:15:07.000

Modified: 2024-04-29T12:42:03.667

Link: CVE-2022-48642

Redhat

Severity : Low

Publid Date: 2024-04-28T00:00:00Z

Links: CVE-2022-48642 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48642", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:44:28.316Z", "datePublished": "2024-04-28T12:59:57.575Z", "dateUpdated": "2024-08-03T15:17:55.652Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:10:43.641Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()\n\nIt seems to me that percpu memory for chain stats started leaking since\ncommit 3bc158f8d0330f0a (\"netfilter: nf_tables: map basechain priority to\nhardware priority\") when nft_chain_offload_priority() returned an error."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "3bc158f8d033", "lessThan": "b043a525a3f5", "status": "affected", "versionType": "git"}, {"version": "3bc158f8d033", "lessThan": "08d7524f366a", "status": "affected", "versionType": "git"}, {"version": "3bc158f8d033", "lessThan": "985b031667c3", "status": "affected", "versionType": "git"}, {"version": "3bc158f8d033", "lessThan": "9a4d6dd554b8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "5.3", "status": "affected"}, {"version": "0", "lessThan": "5.3", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.146", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.71", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.19.12", "lessThanOrEqual": "5.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88"}, {"url": "https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852"}, {"url": "https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714"}, {"url": "https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac"}], "title": "netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-17T19:09:12.381196Z", "id": "CVE-2022-48642", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T19:09:22.049Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.652Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.652Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48642", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-17T19:09:12.381196Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T19:09:17.720Z"}}], "cna": {"title": "netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3bc158f8d033", "lessThan": "b043a525a3f5", "versionType": "git"}, {"status": "affected", "version": "3bc158f8d033", "lessThan": "08d7524f366a", "versionType": "git"}, {"status": "affected", "version": "3bc158f8d033", "lessThan": "985b031667c3", "versionType": "git"}, {"status": "affected", "version": "3bc158f8d033", "lessThan": "9a4d6dd554b8", "versionType": "git"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.3"}, {"status": "unaffected", "version": "0", "lessThan": "5.3", "versionType": "custom"}, {"status": "unaffected", "version": "5.10.146", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.71", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.19.12", "versionType": "custom", "lessThanOrEqual": "5.19.*"}, {"status": "unaffected", "version": "6.0", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88"}, {"url": "https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852"}, {"url": "https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714"}, {"url": "https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()\n\nIt seems to me that percpu memory for chain stats started leaking since\ncommit 3bc158f8d0330f0a (\"netfilter: nf_tables: map basechain priority to\nhardware priority\") when nft_chain_offload_priority() returned an error."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:10:43.641Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48642", "state": "PUBLISHED", "dateUpdated": "2024-08-03T15:17:55.652Z", "dateReserved": "2024-02-25T13:44:28.316Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-28T12:59:57.575Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}