In the Linux kernel, the following vulnerability has been resolved:
net: bridge: vlan: fix memory leak in __allowed_ingress
When using per-vlan state, if vlan snooping and stats are disabled,
untagged or priority-tagged ingress frame will go to check pvid state.
If the port state is forwarding and the pvid state is not
learning/forwarding, untagged or priority-tagged frame will be dropped
but skb memory is not freed.
Should free skb when __allowed_ingress returns false.
References
Configurations
No configuration.
History
03 Jul 2024, 01:39
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-400 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
Summary |
|
20 Jun 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-20 12:15
Updated : 2024-07-03 01:39
NVD link : CVE-2022-48748
Mitre link : CVE-2022-48748
CVE.ORG link : CVE-2022-48748
JSON object : View
Products Affected
No product.
CWE
CWE-400
Uncontrolled Resource Consumption