] kmalloc include/linux/slab.h:600 [inline] [] nft_netdev_hook_alloc+0x3b/0xc0 net/netfilter/nf_tables_api.c:1901 [] nft_chain_parse_netdev net/netfilter/nf_tables_api.c:1998 [inline] [] nft_chain_parse_hook+0x33a/0x530 net/netfilter/nf_tables_api.c:2073 [] nf_tables_addchain.constprop.0+0x10b/0x950 net/netfilter/nf_tables_api.c:2218 [] nf_tables_newchain+0xa8b/0xc60 net/netfilter/nf_tables_api.c:2593 [] nfnetlink_rcv_batch+0xa46/0xd20 net/netfilter/nfnetlink.c:517 [] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:638 [inline] [] nfnetlink_rcv+0x1f9/0x220 net/netfilter/nfnetlink.c:656 [] netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline] [] netlink_unicast+0x397/0x4c0 net/netlink/af_netlink.c:1345 [] netlink_sendmsg+0x396/0x710 net/netlink/af_netlink.c:1921 [] sock_sendmsg_nosec net/socket.c:714 [inline] [] sock_sendmsg+0x56/0x80 net/socket.c:734 [] ____sys_sendmsg+0x36c/0x390 net/socket.c:2482 [] ___sys_sendmsg+0xa8/0x110 net/socket.c:2536 [] __sys_sendmsg+0x88/0x100 net/socket.c:2565 [] do_syscall_x64 arch/x86/entry/common.c:50 [inline] [] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 [] entry_SYSCALL_64_after_hwframe+0x63/0xcd "> ],kmalloc,include/linux/slab.h:600,[inline] [],nft_netdev_hook_alloc+0x3b/0xc0 net/netfilter/nf_tables_api.c:1901,[] nft_chain_parse_netdev,net/netfilter/nf_tables_api.c:1998,[inline] [],nft_chain_parse_hook+0x33a/0x530 net/netfilter/nf_tables_api.c:2073,[] nf_tables_addchain.constprop.0+0x10b/0x950 net/netfilter/nf_tables_api.c:2218,[] nf_tables_newchain+0xa8b/0xc60,net/netfilter/nf_tables_api.c:2593 [],nfnetlink_rcv_batch+0xa46/0xd20 net/netfilter/nfnetlink.c:517,[] nfnetlink_rcv_skb_batch,net/netfilter/nfnetlink.c:638,[inline] [],nfnetlink_rcv+0x1f9/0x220 net/netfilter/nfnetlink.c:656,[] netlink_unicast_kernel,net/netlink/af_netlink.c:1319,[inline] [],netlink_unicast+0x397/0x4c0 net/netlink/af_netlink.c:1345,[] netlink_sendmsg+0x396/0x710,net/netlink/af_netlink.c:1921 [],sock_sendmsg_nosec,net/socket.c:714,[inline] [],sock_sendmsg+0x56/0x80,net/socket.c:734 [],____sys_sendmsg+0x36c/0x390,net/socket.c:2482 [],___sys_sendmsg+0xa8/0x110,net/socket.c:2536 [],__sys_sendmsg+0x88/0x100,net/socket.c:2565 [],do_syscall_x64,arch/x86/entry/common.c:50 [inline],[],do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80,[] entry_SYSCALL_64_after_hwframe+0x63/0xcd "> SecuritySpace - CVE-2022-48691
 
English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2022-48691
Description:In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: clean up hook list when offload flags check fails splice back the hook list so nft_chain_release_hook() has a chance to release the hooks. BUG: memory leak unreferenced object 0xffff88810180b100 (size 96): comm "syz-executor133", pid 3619, jiffies 4294945714 (age 12.690s) hex dump (first 32 bytes): 28 64 23 02 81 88 ff ff 28 64 23 02 81 88 ff ff (d#.....(d#..... 90 a8 aa 83 ff ff ff ff 00 00 b5 0f 81 88 ff ff ................ backtrace: [] kmalloc include/linux/slab.h:600 [inline] [] nft_netdev_hook_alloc+0x3b/0xc0 net/netfilter/nf_tables_api.c:1901 [] nft_chain_parse_netdev net/netfilter/nf_tables_api.c:1998 [inline] [] nft_chain_parse_hook+0x33a/0x530 net/netfilter/nf_tables_api.c:2073 [] nf_tables_addchain.constprop.0+0x10b/0x950 net/netfilter/nf_tables_api.c:2218 [] nf_tables_newchain+0xa8b/0xc60 net/netfilter/nf_tables_api.c:2593 [] nfnetlink_rcv_batch+0xa46/0xd20 net/netfilter/nfnetlink.c:517 [] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:638 [inline] [] nfnetlink_rcv+0x1f9/0x220 net/netfilter/nfnetlink.c:656 [] netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline] [] netlink_unicast+0x397/0x4c0 net/netlink/af_netlink.c:1345 [] netlink_sendmsg+0x396/0x710 net/netlink/af_netlink.c:1921 [] sock_sendmsg_nosec net/socket.c:714 [inline] [] sock_sendmsg+0x56/0x80 net/socket.c:734 [] ____sys_sendmsg+0x36c/0x390 net/socket.c:2482 [] ___sys_sendmsg+0xa8/0x110 net/socket.c:2536 [] __sys_sendmsg+0x88/0x100 net/socket.c:2565 [] do_syscall_x64 arch/x86/entry/common.c:50 [inline] [] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 [] entry_SYSCALL_64_after_hwframe+0x63/0xcd
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2022-48691
https://git.kernel.org/stable/c/1ce55ec5cb7c573c983dffbe290b8d17caf1f157
https://git.kernel.org/stable/c/1ce55ec5cb7c573c983dffbe290b8d17caf1f157
https://git.kernel.org/stable/c/77972a36ecc4db7fc7c68f0e80714263c5f03f65
https://git.kernel.org/stable/c/77972a36ecc4db7fc7c68f0e80714263c5f03f65
https://git.kernel.org/stable/c/910891a2a44cdc49efcc4fe7459c1085ba00d0f4
https://git.kernel.org/stable/c/910891a2a44cdc49efcc4fe7459c1085ba00d0f4
https://git.kernel.org/stable/c/94ed8eeb8d9aeb00e4f4e19b83a2e28b6442fbc5
https://git.kernel.org/stable/c/94ed8eeb8d9aeb00e4f4e19b83a2e28b6442fbc5



© 1998-2025 E-Soft Inc. All rights reserved.