CVE-2022-48720
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/06/2024
Last modified:
01/10/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
net: macsec: Fix offload support for NETDEV_UNREGISTER event<br />
<br />
Current macsec netdev notify handler handles NETDEV_UNREGISTER event by<br />
releasing relevant SW resources only, this causes resources leak in case<br />
of macsec HW offload, as the underlay driver was not notified to clean<br />
it&#39;s macsec offload resources.<br />
<br />
Fix by calling the underlay driver to clean it&#39;s relevant resources<br />
by moving offload handling from macsec_dellink() to macsec_common_dellink()<br />
when handling NETDEV_UNREGISTER event.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.6 (including) | 5.10.99 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.22 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 5.16.8 (excluding) |
| cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/2e7f5b6ee1a7a2c628253a95b0a95b582901ef1b
- https://git.kernel.org/stable/c/8299be160aad8548071d080518712dec0df92bd5
- https://git.kernel.org/stable/c/9cef24c8b76c1f6effe499d2f131807c90f7ce9a
- https://git.kernel.org/stable/c/e7a0b3a0806dae3cc81931f0e83055ca2ac6f455
- https://git.kernel.org/stable/c/2e7f5b6ee1a7a2c628253a95b0a95b582901ef1b
- https://git.kernel.org/stable/c/8299be160aad8548071d080518712dec0df92bd5
- https://git.kernel.org/stable/c/9cef24c8b76c1f6effe499d2f131807c90f7ce9a
- https://git.kernel.org/stable/c/e7a0b3a0806dae3cc81931f0e83055ca2ac6f455