2151644 – (CVE-2022-3629) CVE-2022-3629 kernel: memory leak in the function vsock_connect of Virtual Socket Protocol

Bug 2151644 (CVE-2022-3629) - CVE-2022-3629 kernel: memory leak in the function vsock_connect of Virtual Socket Protocol

Summary: CVE-2022-3629 kernel: memory leak in the function vsock_connect of Virtual So...

Keywords:
Status:	NEW
Alias:	CVE-2022-3629
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2151645 2151647 2151648
Blocks:	2137102
TreeView+	depends on / blocked

Reported:	2022-12-07 17:45 UTC by Alex
Modified:	2024-10-12 08:28 UTC (History)
CC List:	45 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Alex 2022-12-07 17:45:48 UTC

A vulnerability was found in Linux Kernel. Affected by this issue is the function vsock_connect of the file net/vmw_vsock/af_vsock.c that is part of the Virtual Socket Protocol. The manipulation leads to memory leak.

References:
https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9d
https://vuldb.com/?id.211930

Comment 1 Alex 2022-12-07 17:46:13 UTC

Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2151645]

Comment 4 Justin M. Forbes 2022-12-08 16:09:48 UTC

This was fixed for Fedora with the 5.19.4 stable kernel updates.

Note You need to log in before you can comment on or make changes to this bug.

acaringi
adscvr
airlied
alciregi
bhu
chwhite
crwood
ddepaula
debarbos
dvlasenk
ezulian
hdegoede
hkrzesin
hpa
jarod
jarodwilson
jfaracco
jferlan
jforbes
jglisse
jlelli
joe.lawrence
josef
jshortt
jstancek
jwboyer
jwyatt
kcarcia
kernel-maint
kernel-mgr
lgoncalv
linville
lzampier
masami256
mchehab
nmurray
ptalbert
qzhao
rvrbovsk
scweaver
sdubroca
steved
tyberry
walters
williams