Bug 2320682 (CVE-2022-48968)

Summary:	CVE-2022-48968 kernel: octeontx2-pf: Fix potential memory leak in otx2_init_tc()
Product:	[Other] Security Response	Reporter:	OSIDB Bzimport <bzimport>
Component:	vulnerability	Assignee:	Product Security DevOps Team <prodsec-dev>
Status:	NEW ---	QA Contact:
Severity:	low	Docs Contact:
Priority:	low
Version:	unspecified	CC:	dfreiber, drow, jburrell, vkumar
Target Milestone:	---	Keywords:	Security
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the rvu_nicpf module in the Linux kernel. A memory leak can occur due to an improper error handling, potentially impacting system performance and possibly resulting in a denial of service.	Story Points:	---
Clone Of:		Environment:
Last Closed:		Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2024-10-21 21:02:31 UTC

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-pf: Fix potential memory leak in otx2_init_tc()

In otx2_init_tc(), if rhashtable_init() failed, it does not free
tc->tc_entries_bitmap which is allocated in otx2_tc_alloc_ent_bitmap().

Comment 1 Avinash Hanwate 2024-10-22 08:18:43 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024102144-CVE-2022-48968-9b4a@gregkh/T