CVE-2022-49808

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the DSA (Distributed Switch Architecture) network driver. The issue was caused by a leak of tagger-owned storage when the switch driver was unbound. This problem arose from a change in the way the driver connected to individual switches within a tree, which led to the normal driver teardown code path not being replaced. To solve this issue, a function was added to perform the opposite of

dsa switch setup tag protocol()

, ensuring that tagger-owned storage is properly freed during driver teardown. The teardown sequence is designed to prevent use-after-free issues in tagging protocol operations.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.