{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48794", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-16T11:38:08.894Z", "datePublished": "2024-07-16T11:43:49.434Z", "dateUpdated": "2024-09-11T17:34:15.221Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-16T11:43:49.434Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: at86rf230: Stop leaking skb's\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. In the Tx case we then leak\nthe skb structure.\n\nFree the skb structure upon error before returning when appropriate.\n\nAs the 'is_tx = 0' cannot be moved in the complete handler because of a\npossible race between the delay in switching to STATE_RX_AACK_ON and a\nnew interrupt, we introduce an intermediate 'was_tx' boolean just for\nthis purpose.\n\nThere is no Fixes tag applying here, many changes have been made on this\narea and the issue kind of always existed."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ieee802154/at86rf230.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "d2a1eaf51b7d", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "af649e5c95f5", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "6312f6a53fd3", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "455ef08d6e54", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "0fd484644c68", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "23b2a2538240", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "1c72f04d52b7", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "e5ce576d45bf", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ieee802154/at86rf230.c"], "versions": [{"version": "4.9.303", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.268", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.231", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.181", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.102", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.25", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.16.11", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692"}, {"url": "https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d"}, {"url": "https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7"}, {"url": "https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966"}, {"url": "https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43"}, {"url": "https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf"}, {"url": "https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a"}, {"url": "https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9"}], "title": "net: ieee802154: at86rf230: Stop leaking skb's", "x_generator": {"engine": "bippy-c9c4e1df01b2"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:01.536Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48794", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:59:25.809621Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:15.221Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:01.536Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48794", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:59:25.809621Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:21.614Z"}}], "cna": {"title": "net: ieee802154: at86rf230: Stop leaking skb's", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "d2a1eaf51b7d", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "af649e5c95f5", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "6312f6a53fd3", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "455ef08d6e54", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "0fd484644c68", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "23b2a2538240", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "1c72f04d52b7", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "e5ce576d45bf", "versionType": "git"}], "programFiles": ["drivers/net/ieee802154/at86rf230.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "4.9.303", "versionType": "custom", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.268", "versionType": "custom", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.231", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.181", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.102", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.25", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16.11", "versionType": "custom", "lessThanOrEqual": "5.16.*"}, {"status": "unaffected", "version": "5.17", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/ieee802154/at86rf230.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692"}, {"url": "https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d"}, {"url": "https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7"}, {"url": "https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966"}, {"url": "https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43"}, {"url": "https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf"}, {"url": "https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a"}, {"url": "https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: at86rf230: Stop leaking skb's\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. In the Tx case we then leak\nthe skb structure.\n\nFree the skb structure upon error before returning when appropriate.\n\nAs the 'is_tx = 0' cannot be moved in the complete handler because of a\npossible race between the delay in switching to STATE_RX_AACK_ON and a\nnew interrupt, we introduce an intermediate 'was_tx' boolean just for\nthis purpose.\n\nThere is no Fixes tag applying here, many changes have been made on this\narea and the issue kind of always existed."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-16T11:43:49.434Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48794", "state": "PUBLISHED", "dateUpdated": "2024-09-11T17:34:15.221Z", "dateReserved": "2024-07-16T11:38:08.894Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-16T11:43:49.434Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: at86rf230: Stop leaking skb's\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. In the Tx case we then leak\nthe skb structure.\n\nFree the skb structure upon error before returning when appropriate.\n\nAs the 'is_tx = 0' cannot be moved in the complete handler because of a\npossible race between the delay in switching to STATE_RX_AACK_ON and a\nnew interrupt, we introduce an intermediate 'was_tx' boolean just for\nthis purpose.\n\nThere is no Fixes tag applying here, many changes have been made on this\narea and the issue kind of always existed."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ieee802154: at86rf230: Detener la fuga de skb. En caso de error, no se llama al asistente ieee802154_xmit_complete(). Solo se llama manualmente a ieee802154_wake_queue(). En el caso de Tx, filtramos la estructura skb. Libere la estructura skb en caso de error antes de regresar cuando sea apropiado. Como 'is_tx = 0' no se puede mover en el controlador completo debido a una posible ejecuci\u00f3n entre el retraso en el cambio a STATE_RX_AACK_ON y una nueva interrupci\u00f3n, introducimos un booleano intermedio 'was_tx' solo para este prop\u00f3sito. No se aplica ninguna etiqueta de Correcciones aqu\u00ed, se han realizado muchos cambios en esta \u00e1rea y el problema siempre existi\u00f3."}], "id": "CVE-2022-48794", "lastModified": "2024-07-16T13:43:58.773", "metrics": {}, "published": "2024-07-16T12:15:04.147", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: net: ieee802154: at86rf230: Stop leaking skb's", "id": "2298130", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298130"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "status": "draft"}, "cwe": "(CWE-371|CWE-401)", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: ieee802154: at86rf230: Stop leaking skb's\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. In the Tx case we then leak\nthe skb structure.\nFree the skb structure upon error before returning when appropriate.\nAs the 'is_tx = 0' cannot be moved in the complete handler because of a\npossible race between the delay in switching to STATE_RX_AACK_ON and a\nnew interrupt, we introduce an intermediate 'was_tx' boolean just for\nthis purpose.\nThere is no Fixes tag applying here, many changes have been made on this\narea and the issue kind of always existed."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2022-48794", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48794\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48794\nhttps://lore.kernel.org/linux-cve-announce/2024071642-CVE-2022-48794-15e8@gregkh/T"], "statement": "Red Hat Enterprise Linux is not impacted by this CVE, as the vulnerability in question does not affect the specific versions or configurations of the Linux kernel used in its distributions. This ensures that users of Red Hat Enterprise Linux are not exposed to the potential risks associated with this issue, and no further action or mitigation is necessary for systems running this operating system.", "threat_severity": "Moderate", "upstream_fix": "kernel 4.9.303, kernel 4.14.268, kernel 4.19.231, kernel 5.4.181, kernel 5.10.102, kernel 5.15.25, kernel 5.16.11, kernel 5.17"}