CVE-2022-49008

{"id": "CVE-2022-49008", "cveTags": [], "metrics": {}, "published": "2024-10-21T20:15:12.290", "references": [{"url": "https://git.kernel.org/stable/c/797b1d9fc0e1f4351e4ad49b078c1a3cdc0d4a08", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/8fa452cfafed521aaf5a18c71003fe24b1ee6141", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Received", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: can327: can327_feed_frame_to_netdev(): fix potential skb leak when netdev is down\n\nIn can327_feed_frame_to_netdev(), it did not free the skb when netdev\nis down, and all callers of can327_feed_frame_to_netdev() did not free\nallocated skb too. That would trigger skb leak.\n\nFix it by adding kfree_skb() in can327_feed_frame_to_netdev() when netdev\nis down. Not tested, just compiled."}], "lastModified": "2024-10-21T20:15:12.290", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}