Bug 2155501 (CVE-2022-3646) - CVE-2022-3646 kernel: nilfs2: memory leak in nilfs_attach_log_writer in fs/nilfs2/segment.c
Summary: CVE-2022-3646 kernel: nilfs2: memory leak in nilfs_attach_log_writer in fs/ni...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2022-3646
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2136784
TreeView+ depends on / blocked
 
Reported: 2022-12-21 11:17 UTC by Mauro Matteo Cascella
Modified: 2023-02-07 11:59 UTC (History)
37 users (show)

Fixed In Version: kernel 6.1-rc1
Clone Of:
Environment:
Last Closed: 2022-12-21 11:22:46 UTC
Embargoed:

Attachments (Terms of Use)

Description Mauro Matteo Cascella 2022-12-21 11:17:26 UTC 
A flaw was found in the NILFS2 file system implementation in the Linux kernel. If nilfs_attach_log_writer() failed to create a log writer thread, it frees a data structure of the log writer without any cleanup, causing a leak of struct nilfs_root. A user permitted to mount arbitrary file system images could use this flaw to cause a denial of service (resource exhaustion).

Upstream patch & commit:
https://lore.kernel.org/all/20221007085226.57667-1-konishi.ryusuke@gmail.com/T/#u
https://github.com/torvalds/linux/commit/d0d51a97063db4704a5ef6bc978dddab1636a306
Note You need to log in before you can comment on or make changes to this bug.