An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
References
Link | Resource |
---|---|
https://anas.openanolis.cn/cves/detail/CVE-2022-1678 | Third Party Advisory |
https://anas.openanolis.cn/errata/detail/ANSA-2022:0143 | Third Party Advisory |
https://bugzilla.openanolis.cn/show_bug.cgi?id=61 | Issue Tracking Patch Third Party Advisory |
https://gitee.com/anolis/cloud-kernel/commit/bed537da691b | Permissions Required |
https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a | Patch Third Party Advisory |
https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing%40gmail.com/ | |
https://security.netapp.com/advisory/ntap-20220715-0001/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Anolis
Published: 2022-05-25T14:49:30
Updated: 2022-07-15T15:06:58
Reserved: 2022-05-12T00:00:00
Link: CVE-2022-1678
JSON object: View
NVD Information
Status : Modified
Published: 2022-05-25T15:15:07.887
Modified: 2023-11-07T03:42:07.057
Link: CVE-2022-1678
JSON object: View
Redhat Information
No data.
CWE