VYPR
Medium severity5.5NVD Advisory· Published Oct 21, 2024· Updated Jun 17, 2026

CVE-2022-49008

CVE-2022-49008

Description

In the Linux kernel, the following vulnerability has been resolved:

can: can327: can327_feed_frame_to_netdev(): fix potential skb leak when netdev is down

In can327_feed_frame_to_netdev(), it did not free the skb when netdev is down, and all callers of can327_feed_frame_to_netdev() did not free allocated skb too. That would trigger skb leak.

Fix it by adding kfree_skb() in can327_feed_frame_to_netdev() when netdev is down. Not tested, just compiled.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.