CVE-2022-49013

Description

In the Linux kernel, the following vulnerability has been resolved: sctp: fix memory leak in sctp_stream_outq_migrate() When sctp_stream_outq_migrate() is called to release stream out resources, the memory pointed to by prio_head in stream out is not released. The memory leak information is as follows: unreferenced object 0xffff88801fe79f80 (size 64): comm "sctp_repo", pid 7957, jiffies 4294951704 (age 36.480s) hex dump (first 32 bytes): 80 9f e7 1f 80 88 ff ff 80 9f e7 1f 80 88 ff ff ................ 90 9f e7 1f 80 88 ff ff 90 9f e7 1f 80 88 ff ff ................ backtrace: [<ffffffff81b215c6>] kmalloc_trace+0x26/0x60 [<ffffffff88ae517c>] sctp_sched_prio_set+0x4cc/0x770 [<ffffffff88ad64f2>] sctp_stream_init_ext+0xd2/0x1b0 [<ffffffff88aa2604>] sctp_sendmsg_to_asoc+0x1614/0x1a30 [<ffffffff88ab7ff1>] sctp_sendmsg+0xda1/0x1ef0 [<ffffffff87f765ed>] inet_sendmsg+0x9d/0xe0 [<ffffffff8754b5b3>] sock_sendmsg+0xd3/0x120 [<ffffffff8755446a>] __sys_sendto+0x23a/0x340 [<ffffffff87554651>] __x64_sys_sendto+0xe1/0x1b0 [<ffffffff89978b49>] do_syscall_64+0x39/0xb0 [<ffffffff89a0008b>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

Reserved 2024-08-22 | Published 2024-10-21 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

637784ade221a3c8a7ecd0f583eddd95d6276b9a before a7555681e50bdebed2c40ff7404ee73c2e932993
affected

637784ade221a3c8a7ecd0f583eddd95d6276b9a before 176ee6c673ccd118e9392fd2dbb165423bdb99ca
affected

637784ade221a3c8a7ecd0f583eddd95d6276b9a before 0dfb9a566327182387c90100ea54d8426cee8c67
affected

637784ade221a3c8a7ecd0f583eddd95d6276b9a before fa20f88271259d42ebe66f0a8c4c20199e888c99
affected

637784ade221a3c8a7ecd0f583eddd95d6276b9a before 9ed7bfc79542119ac0a9e1ce8a2a5285e43433e9
affected

Default status
affected

4.15
affected

Any version before 4.15
unaffected

5.4.226
unaffected

5.10.158
unaffected

5.15.82
unaffected

6.0.12
unaffected

6.1
unaffected

References

git.kernel.org/...c/a7555681e50bdebed2c40ff7404ee73c2e932993

git.kernel.org/...c/176ee6c673ccd118e9392fd2dbb165423bdb99ca

git.kernel.org/...c/0dfb9a566327182387c90100ea54d8426cee8c67

git.kernel.org/...c/fa20f88271259d42ebe66f0a8c4c20199e888c99

git.kernel.org/...c/9ed7bfc79542119ac0a9e1ce8a2a5285e43433e9

cve.org (CVE-2022-49013)

nvd.nist.gov (CVE-2022-49013)

Download JSON