| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025050154-CVE-2022-49881-3caa@gregkh> Date: Thu, 1 May 2025 16:11:11 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-49881: wifi: cfg80211: fix memory leak in query_regdb_file() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in query_regdb_file() In the function query_regdb_file() the alpha2 parameter is duplicated using kmemdup() and subsequently freed in regdb_fw_cb(). However, request_firmware_nowait() can fail without calling regdb_fw_cb() and thus leak memory. The Linux kernel CVE team has assigned CVE-2022-49881 to this issue. Affected and fixed versions =========================== Issue introduced in 4.15 with commit 007f6c5e6eb45c81ee89368a5f226572ae638831 and fixed in 4.19.267 with commit 219446396786330937bcd382a7bc4ccd767383bc Issue introduced in 4.15 with commit 007f6c5e6eb45c81ee89368a5f226572ae638831 and fixed in 5.4.225 with commit 0ede1a988299e95d54bd89551fd635980572e920 Issue introduced in 4.15 with commit 007f6c5e6eb45c81ee89368a5f226572ae638831 and fixed in 5.10.155 with commit e1e12180321f416d83444f2cdc9259e0f5093d35 Issue introduced in 4.15 with commit 007f6c5e6eb45c81ee89368a5f226572ae638831 and fixed in 5.15.79 with commit 38c9fa2cc6bf4b6e1a74057aef8b5cffd23d3264 Issue introduced in 4.15 with commit 007f6c5e6eb45c81ee89368a5f226572ae638831 and fixed in 6.0.9 with commit e9b5a4566d5bc71cc901be50d1fa24da00613120 Issue introduced in 4.15 with commit 007f6c5e6eb45c81ee89368a5f226572ae638831 and fixed in 6.1 with commit 57b962e627ec0ae53d4d16d7bd1033e27e67677a Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49881 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: net/wireless/reg.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/219446396786330937bcd382a7bc4ccd767383bc https://git.kernel.org/stable/c/0ede1a988299e95d54bd89551fd635980572e920 https://git.kernel.org/stable/c/e1e12180321f416d83444f2cdc9259e0f5093d35 https://git.kernel.org/stable/c/38c9fa2cc6bf4b6e1a74057aef8b5cffd23d3264 https://git.kernel.org/stable/c/e9b5a4566d5bc71cc901be50d1fa24da00613120 https://git.kernel.org/stable/c/57b962e627ec0ae53d4d16d7bd1033e27e67677a
Powered by blists - more mailing lists