U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2022-48794 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: at86rf230: Stop leaking skb's Upon error the ieee802154_xmit_complete() helper is not called. Only ieee802154_wake_queue() is called manually. In the Tx case we then leak the skb structure. Free the skb structure upon error before returning when appropriate. As the 'is_tx = 0' cannot be moved in the complete handler because of a possible race between the delay in switching to STATE_RX_AACK_ON and a new interrupt, we introduce an intermediate 'was_tx' boolean just for this purpose. There is no Fixes tag applying here, many changes have been made on this area and the issue kind of always existed.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43
https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43
https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a
https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a
https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf
https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf
https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966
https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966
https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7
https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7
https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d
https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d
https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692
https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692
https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9
https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9

Weakness Enumeration

CWE-ID CWE Name Source

Change History

2 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2022-48794
NVD Published Date:
07/16/2024
NVD Last Modified:
11/21/2024
Source:
kernel.org