CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open
First published: Mon Oct 21 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix a potential socket leak in p9_socket_open Both p9_fd_create_tcp() and p9_fd_create_unix() will call p9_socket_open(). If the creation of p9_trans_fd fails, p9_fd_create_tcp() and p9_fd_create_unix() will return an error directly instead of releasing the cscoket, which will result in a socket leak. This patch adds sock_release() to fix the leak issue.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | >=2.6.33<4.9.335 | |
| Linux Linux kernel | >=4.10<4.14.301 | |
| Linux Linux kernel | >=4.15<4.19.268 | |
| Linux Linux kernel | >=4.20<5.4.226 | |
| Linux Linux kernel | >=5.5<5.10.158 | |
| Linux Linux kernel | >=5.11<5.15.82 | |
| Linux Linux kernel | >=5.16<6.0.12 | |
| Linux Linux kernel | =6.1-rc1 | |
| Linux Linux kernel | =6.1-rc2 | |
| Linux Linux kernel | =6.1-rc3 | |
| Linux Linux kernel | =6.1-rc4 | |
| Linux Linux kernel | =6.1-rc5 | |
| Linux Linux kernel | =6.1-rc6 | |
| Linux Linux kernel | =6.1-rc7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/0396227f4daf4792a6a8aaa3b7771dc25c4cd443
- https://git.kernel.org/stable/c/ded893965b895b2dccd3d1436d8d3daffa23ea64
- https://git.kernel.org/stable/c/8b14bd0b500aec1458b51cb621c8e5fab3304260
- https://git.kernel.org/stable/c/2d24d91b9f44620824fc37b766f7cae00ca32748
- https://git.kernel.org/stable/c/e01c1542379fb395e7da53706df598f38905dfbf
- https://git.kernel.org/stable/c/8782b32ef867de7981bbe9e86ecb90e92e8780bd
- https://git.kernel.org/stable/c/aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd
- https://git.kernel.org/stable/c/dcc14cfd7debe11b825cb077e75d91d2575b4cb8
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/tags
- agent/softwarecombine
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/2.6.33
- version/linux linux kernel/4.10
- version/linux linux kernel/4.15
- version/linux linux kernel/4.20
- version/linux linux kernel/5.5
- version/linux linux kernel/5.11
- version/linux linux kernel/5.16
- version/linux linux kernel/6.1-rc1
- version/linux linux kernel/6.1-rc2
- version/linux linux kernel/6.1-rc3
- version/linux linux kernel/6.1-rc4
- version/linux linux kernel/6.1-rc5
- version/linux linux kernel/6.1-rc6
- version/linux linux kernel/6.1-rc7