CVE-2022-49207

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue has been identified in the Linux kernel, specifically in the bpf and sockmap components. The problem occurs when the tcp bpf sendmsg function is running during a tear-down operation, potentially causing data to be enqueued on the ingress message queue while the tear-down process attempts to free it. This can lead to memory leaks and warnings, such as WARNING: CPU: 0 PID: 9202 at net/core/stream.c:205 sk stream kill queues+0xc8/0xe0 and WARNING: CPU: 0 PID: 531 at net/ipv4/af inet.c:154 inet sock destruct+0x175/0x1b0. The issue involves functions like tcp bpf sendmsg(), tcp bpf send verdict(), bpf tcp ingress(), and sk psock queue msg(), as well as variables such as psock and SK PSOCK TX ENABLED. To fix the issue, sk msg free() and kfree() are used.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.