CVE-2022-48909

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to commit 9f1c5ocf39167ff71dc5953a3234f3f6eeb8fcb5

Description The issue is related to a potential leak in the Linux kernel's net/smc component. The problem occurs when the tcp abort() function discards CLC CONFIRM messages that are still in the TCP send buffer, preventing the connection token from being delivered to the server side. This results in the inability to get a passive close message, making it impossible to disconnect. The patch provides a simple way to avoid this issue by actively aborting the SMC connection once the state has changed to SMC ACTIVE after tcp abort(). The smc close final() function is used to wait for the peer to close. Technical details include the use of sk->sk state to check the state of the socket and the send clc confirim function to send the CLC CONFIRM message.

Recommendations Update to a version of the Linux kernel that includes the patch for the net/smc connection leak issue, specifically a version post commit 9f1c5ocf39167ff71dc5953a3234f3f6eeb8fcb5.