Linux · Linux Kernel · CVE-2022-48748
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is related to a memory leak in the Linux kernel's bridge component when using per-vlan state. If vlan snooping and stats are disabled, untagged or priority-tagged ingress frames will be dropped but the skb memory is not freed. This can lead to a denial of service. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.