CVE-2022-49807
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/05/2025
Last modified:
02/05/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
nvmet: fix a memory leak in nvmet_auth_set_key<br />
<br />
When changing dhchap secrets we need to release the old<br />
secrets as well.<br />
<br />
kmemleak complaint:<br />
--<br />
unreferenced object 0xffff8c7f44ed8180 (size 64):<br />
comm "check", pid 7304, jiffies 4295686133 (age 72034.246s)<br />
hex dump (first 32 bytes):<br />
44 48 48 43 2d 31 3a 30 30 3a 4c 64 4c 4f 64 71 DHHC-1:00:LdLOdq<br />
79 56 69 67 77 48 55 32 6d 5a 59 4c 7a 35 59 38 yVigwHU2mZYLz5Y8<br />
backtrace:<br />
[] kstrdup+0x2e/0x60<br />
[] 0xffffffffc0e07ee6<br />
[] 0xffffffffc0dff783<br />
[] configfs_write_iter+0xb1/0x120<br />
[] vfs_write+0x2be/0x3c0<br />
[] ksys_write+0x5f/0xe0<br />
[] do_syscall_64+0x38/0x90<br />
[] entry_SYSCALL_64_after_hwframe+0x63/0xcd