CVE-2022-49153

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wireguard: socket: free skb in send6 when ipv6 is disabled<br /> <br /> I got a memory leak report:<br /> <br /> unreferenced object 0xffff8881191fc040 (size 232):<br /> comm "kworker/u17:0", pid 23193, jiffies 4295238848 (age 3464.870s)<br /> hex dump (first 32 bytes):<br /> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br /> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br /> backtrace:<br /> [] slab_post_alloc_hook+0x84/0x3b0<br /> [] kmem_cache_alloc_node+0x167/0x340<br /> [] __alloc_skb+0x1db/0x200<br /> [] wg_socket_send_buffer_to_peer+0x3d/0xc0<br /> [] wg_packet_send_handshake_initiation+0xfa/0x110<br /> [] wg_packet_handshake_send_worker+0x21/0x30<br /> [] process_one_work+0x2e8/0x770<br /> [] worker_thread+0x4a/0x4b0<br /> [] kthread+0x120/0x160<br /> [] ret_from_fork+0x1f/0x30<br /> <br /> In function wg_socket_send_buffer_as_reply_to_skb() or wg_socket_send_<br /> buffer_to_peer(), the semantics of send6() is required to free skb. But<br /> when CONFIG_IPV6 is disable, kfree_skb() is missing. This patch adds it<br /> to fix this bug.