PT-2025-18570 · Linux+4 · Linux Kernel+4

Published

2023-05-09

Updated

2025-07-10

CVE-2022-49853

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue has been identified in the Linux kernel, specifically in the macvlan common newlink function. The kmemleak tool reports memory leaks when the macvlan mode is configured as 'source' and the register netdevice function returns an error. This occurs because the resource generated by macvlan changelink sources is not cleaned up in the event of an error. The issue is resolved by executing macvlan flush sources to ensure resource cleanup in case of an error.

Recommendations To resolve the issue, apply the provided patch to ensure that macvlan flush sources is executed in case of an error, thereby preventing memory leaks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

CESA-2023_4517

CESA-2023_7077

CVE-2022-49853

RHSA-2023:2458

RHSA-2023:4517

RHSA-2023:7077

RHSA-2023_2458

RHSA-2023_4517

RHSA-2023_7077

SUSE-SU-2025:01918-1

SUSE-SU-2025:01966-1

SUSE-SU-2025:01983-1

SUSE-SU-2025:02173-1

SUSE-SU-2025:02262-1

SUSE-SU-2025:2173-1

SUSE-SU-2025_01983-1

SUSE-SU-2025_02173-1

SUSE-SU-2025_02262-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2025-18570 · Linux+4 · Linux Kernel+4

CVE-2022-49853

Weakness Enumeration

Related Identifiers

Affected Products

References · 654