CVE-2022-49803

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue has been identified in the Linux kernel, specifically in the netdevsim module. The issue occurs when the nsim dev trap fa cookie write() function allocates memory for fa cookie using kmalloc(), but this memory is not freed when the nsim drv remove() function is called. This results in an unreferenced object, as reported by kmemleak. The issue is triggered in scenarios where nsim dev trap fa cookie write() is called, followed by nsim drv remove(). The estimated number of potentially affected devices worldwide is not available.

Recommendations To fix the issue, add kfree(nsim dev->fa cookie) to nsim drv remove(). This will ensure that the allocated memory for fa cookie is properly freed, preventing the memory leak. At the moment, there is no information about a newer version that contains a fix for this vulnerability.