CVE-2022-48794 (GCVE-0-2022-48794)

Vulnerability from cvelistv5 – Published: 2024-07-16 11:43 – Updated: 2026-05-11 18:47
VLAI
Title
net: ieee802154: at86rf230: Stop leaking skb's
Summary
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: at86rf230: Stop leaking skb's Upon error the ieee802154_xmit_complete() helper is not called. Only ieee802154_wake_queue() is called manually. In the Tx case we then leak the skb structure. Free the skb structure upon error before returning when appropriate. As the 'is_tx = 0' cannot be moved in the complete handler because of a possible race between the delay in switching to STATE_RX_AACK_ON and a new interrupt, we introduce an intermediate 'was_tx' boolean just for this purpose. There is no Fixes tag applying here, many changes have been made on this area and the issue kind of always existed.
Severity
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 955aee8b5c69594b9fb38a4f65e77db343b43a38 , < d2a1eaf51b7d4412319adb6acef114ba472d1692 (git)
Affected: 955aee8b5c69594b9fb38a4f65e77db343b43a38 , < af649e5c95f56df64363bc46f6746b87819f9c0d (git)
Affected: 955aee8b5c69594b9fb38a4f65e77db343b43a38 , < 6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7 (git)
Affected: 955aee8b5c69594b9fb38a4f65e77db343b43a38 , < 455ef08d6e5473526fa6763f75a93f7198206966 (git)
Affected: 955aee8b5c69594b9fb38a4f65e77db343b43a38 , < 0fd484644c68897c490a3307bfcc8bf767df5a43 (git)
Affected: 955aee8b5c69594b9fb38a4f65e77db343b43a38 , < 23b2a25382400168427ea278f3d8bf4ecfd333bf (git)
Affected: 955aee8b5c69594b9fb38a4f65e77db343b43a38 , < 1c72f04d52b7200bb83426a9bed378668271ea4a (git)
Affected: 955aee8b5c69594b9fb38a4f65e77db343b43a38 , < e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9 (git)
Create a notification for this product.
Linux Linux Affected: 3.19
Unaffected: 0 , < 3.19 (semver)
Unaffected: 4.9.303 , ≤ 4.9.* (semver)
Unaffected: 4.14.268 , ≤ 4.14.* (semver)
Unaffected: 4.19.231 , ≤ 4.19.* (semver)
Unaffected: 5.4.181 , ≤ 5.4.* (semver)
Unaffected: 5.10.102 , ≤ 5.10.* (semver)
Unaffected: 5.15.25 , ≤ 5.15.* (semver)
Unaffected: 5.16.11 , ≤ 5.16.* (semver)
Unaffected: 5.17 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:25:01.536Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48794",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:59:25.809621Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:15.221Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ieee802154/at86rf230.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d2a1eaf51b7d4412319adb6acef114ba472d1692",
              "status": "affected",
              "version": "955aee8b5c69594b9fb38a4f65e77db343b43a38",
              "versionType": "git"
            },
            {
              "lessThan": "af649e5c95f56df64363bc46f6746b87819f9c0d",
              "status": "affected",
              "version": "955aee8b5c69594b9fb38a4f65e77db343b43a38",
              "versionType": "git"
            },
            {
              "lessThan": "6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7",
              "status": "affected",
              "version": "955aee8b5c69594b9fb38a4f65e77db343b43a38",
              "versionType": "git"
            },
            {
              "lessThan": "455ef08d6e5473526fa6763f75a93f7198206966",
              "status": "affected",
              "version": "955aee8b5c69594b9fb38a4f65e77db343b43a38",
              "versionType": "git"
            },
            {
              "lessThan": "0fd484644c68897c490a3307bfcc8bf767df5a43",
              "status": "affected",
              "version": "955aee8b5c69594b9fb38a4f65e77db343b43a38",
              "versionType": "git"
            },
            {
              "lessThan": "23b2a25382400168427ea278f3d8bf4ecfd333bf",
              "status": "affected",
              "version": "955aee8b5c69594b9fb38a4f65e77db343b43a38",
              "versionType": "git"
            },
            {
              "lessThan": "1c72f04d52b7200bb83426a9bed378668271ea4a",
              "status": "affected",
              "version": "955aee8b5c69594b9fb38a4f65e77db343b43a38",
              "versionType": "git"
            },
            {
              "lessThan": "e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9",
              "status": "affected",
              "version": "955aee8b5c69594b9fb38a4f65e77db343b43a38",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ieee802154/at86rf230.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.19"
            },
            {
              "lessThan": "3.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.303",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.268",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.231",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.102",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.25",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.303",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.268",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.231",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.181",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.102",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.25",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.16.11",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.17",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: at86rf230: Stop leaking skb\u0027s\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. In the Tx case we then leak\nthe skb structure.\n\nFree the skb structure upon error before returning when appropriate.\n\nAs the \u0027is_tx = 0\u0027 cannot be moved in the complete handler because of a\npossible race between the delay in switching to STATE_RX_AACK_ON and a\nnew interrupt, we introduce an intermediate \u0027was_tx\u0027 boolean just for\nthis purpose.\n\nThere is no Fixes tag applying here, many changes have been made on this\narea and the issue kind of always existed."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T18:47:13.403Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692"
        },
        {
          "url": "https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7"
        },
        {
          "url": "https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966"
        },
        {
          "url": "https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43"
        },
        {
          "url": "https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf"
        },
        {
          "url": "https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a"
        },
        {
          "url": "https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9"
        }
      ],
      "title": "net: ieee802154: at86rf230: Stop leaking skb\u0027s",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48794",
    "datePublished": "2024-07-16T11:43:49.434Z",
    "dateReserved": "2024-07-16T11:38:08.894Z",
    "dateUpdated": "2026-05-11T18:47:13.403Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-48794",
      "date": "2026-05-26",
      "epss": "0.00025",
      "percentile": "0.07475"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: ieee802154: at86rf230: Stop leaking skb\u0027s\\n\\nUpon error the ieee802154_xmit_complete() helper is not called. Only\\nieee802154_wake_queue() is called manually. In the Tx case we then leak\\nthe skb structure.\\n\\nFree the skb structure upon error before returning when appropriate.\\n\\nAs the \u0027is_tx = 0\u0027 cannot be moved in the complete handler because of a\\npossible race between the delay in switching to STATE_RX_AACK_ON and a\\nnew interrupt, we introduce an intermediate \u0027was_tx\u0027 boolean just for\\nthis purpose.\\n\\nThere is no Fixes tag applying here, many changes have been made on this\\narea and the issue kind of always existed.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ieee802154: at86rf230: Detener la fuga de skb. En caso de error, no se llama al asistente ieee802154_xmit_complete(). Solo se llama manualmente a ieee802154_wake_queue(). En el caso de Tx, filtramos la estructura skb. Libere la estructura skb en caso de error antes de regresar cuando sea apropiado. Como \u0027is_tx = 0\u0027 no se puede mover en el controlador completo debido a una posible ejecuci\\u00f3n entre el retraso en el cambio a STATE_RX_AACK_ON y una nueva interrupci\\u00f3n, introducimos un booleano intermedio \u0027was_tx\u0027 solo para este prop\\u00f3sito. No se aplica ninguna etiqueta de Correcciones aqu\\u00ed, se han realizado muchos cambios en esta \\u00e1rea y el problema siempre existi\\u00f3.\"}]",
      "id": "CVE-2022-48794",
      "lastModified": "2024-11-21T07:34:02.320",
      "published": "2024-07-16T12:15:04.147",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-48794\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-16T12:15:04.147\",\"lastModified\":\"2025-09-24T18:14:21.863\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: ieee802154: at86rf230: Stop leaking skb\u0027s\\n\\nUpon error the ieee802154_xmit_complete() helper is not called. Only\\nieee802154_wake_queue() is called manually. In the Tx case we then leak\\nthe skb structure.\\n\\nFree the skb structure upon error before returning when appropriate.\\n\\nAs the \u0027is_tx = 0\u0027 cannot be moved in the complete handler because of a\\npossible race between the delay in switching to STATE_RX_AACK_ON and a\\nnew interrupt, we introduce an intermediate \u0027was_tx\u0027 boolean just for\\nthis purpose.\\n\\nThere is no Fixes tag applying here, many changes have been made on this\\narea and the issue kind of always existed.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ieee802154: at86rf230: Detener la fuga de skb. En caso de error, no se llama al asistente ieee802154_xmit_complete(). Solo se llama manualmente a ieee802154_wake_queue(). En el caso de Tx, filtramos la estructura skb. Libere la estructura skb en caso de error antes de regresar cuando sea apropiado. Como \u0027is_tx = 0\u0027 no se puede mover en el controlador completo debido a una posible ejecuci\u00f3n entre el retraso en el cambio a STATE_RX_AACK_ON y una nueva interrupci\u00f3n, introducimos un booleano intermedio \u0027was_tx\u0027 solo para este prop\u00f3sito. No se aplica ninguna etiqueta de Correcciones aqu\u00ed, se han realizado muchos cambios en esta \u00e1rea y el problema siempre existi\u00f3.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.9.303\",\"matchCriteriaId\":\"B6A99783-2D18-40BD-B2F8-5659C625B903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.268\",\"matchCriteriaId\":\"58023BD3-9FC0-4CC9-8E7D-6C88E37089DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.231\",\"matchCriteriaId\":\"AC95C65F-81A3-45CE-9AEB-8890D21A3303\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.181\",\"matchCriteriaId\":\"FB33213E-1A45-4E3B-A129-58AAA2EB921D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.102\",\"matchCriteriaId\":\"DAD66A9A-8D06-48D1-8AA8-FC060496FF53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.25\",\"matchCriteriaId\":\"D098AA16-8E21-4EB7-AE2F-1EEB58E1A3A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.16.11\",\"matchCriteriaId\":\"0D327234-5D4A-43DC-A6DF-BCA0CEBEC039\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6E34B23-78B4-4516-9BD8-61B33F4AC49A\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T15:25:01.536Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-48794\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T16:59:25.809621Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:21.614Z\"}}], \"cna\": {\"title\": \"net: ieee802154: at86rf230: Stop leaking skb\u0027s\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"955aee8b5c69594b9fb38a4f65e77db343b43a38\", \"lessThan\": \"d2a1eaf51b7d4412319adb6acef114ba472d1692\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"955aee8b5c69594b9fb38a4f65e77db343b43a38\", \"lessThan\": \"af649e5c95f56df64363bc46f6746b87819f9c0d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"955aee8b5c69594b9fb38a4f65e77db343b43a38\", \"lessThan\": \"6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"955aee8b5c69594b9fb38a4f65e77db343b43a38\", \"lessThan\": \"455ef08d6e5473526fa6763f75a93f7198206966\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"955aee8b5c69594b9fb38a4f65e77db343b43a38\", \"lessThan\": \"0fd484644c68897c490a3307bfcc8bf767df5a43\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"955aee8b5c69594b9fb38a4f65e77db343b43a38\", \"lessThan\": \"23b2a25382400168427ea278f3d8bf4ecfd333bf\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"955aee8b5c69594b9fb38a4f65e77db343b43a38\", \"lessThan\": \"1c72f04d52b7200bb83426a9bed378668271ea4a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"955aee8b5c69594b9fb38a4f65e77db343b43a38\", \"lessThan\": \"e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/net/ieee802154/at86rf230.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.19\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"3.19\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.9.303\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.9.*\"}, {\"status\": \"unaffected\", \"version\": \"4.14.268\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.14.*\"}, {\"status\": \"unaffected\", \"version\": \"4.19.231\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.181\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.102\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.25\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"5.16.11\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.16.*\"}, {\"status\": \"unaffected\", \"version\": \"5.17\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/net/ieee802154/at86rf230.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/d2a1eaf51b7d4412319adb6acef114ba472d1692\"}, {\"url\": \"https://git.kernel.org/stable/c/af649e5c95f56df64363bc46f6746b87819f9c0d\"}, {\"url\": \"https://git.kernel.org/stable/c/6312f6a53fd3ea38125dcaca5e3c9aa7d8a60cf7\"}, {\"url\": \"https://git.kernel.org/stable/c/455ef08d6e5473526fa6763f75a93f7198206966\"}, {\"url\": \"https://git.kernel.org/stable/c/0fd484644c68897c490a3307bfcc8bf767df5a43\"}, {\"url\": \"https://git.kernel.org/stable/c/23b2a25382400168427ea278f3d8bf4ecfd333bf\"}, {\"url\": \"https://git.kernel.org/stable/c/1c72f04d52b7200bb83426a9bed378668271ea4a\"}, {\"url\": \"https://git.kernel.org/stable/c/e5ce576d45bf72fd0e3dc37eff897bfcc488f6a9\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: ieee802154: at86rf230: Stop leaking skb\u0027s\\n\\nUpon error the ieee802154_xmit_complete() helper is not called. Only\\nieee802154_wake_queue() is called manually. In the Tx case we then leak\\nthe skb structure.\\n\\nFree the skb structure upon error before returning when appropriate.\\n\\nAs the \u0027is_tx = 0\u0027 cannot be moved in the complete handler because of a\\npossible race between the delay in switching to STATE_RX_AACK_ON and a\\nnew interrupt, we introduce an intermediate \u0027was_tx\u0027 boolean just for\\nthis purpose.\\n\\nThere is no Fixes tag applying here, many changes have been made on this\\narea and the issue kind of always existed.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.9.303\", \"versionStartIncluding\": \"3.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.14.268\", \"versionStartIncluding\": \"3.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.231\", \"versionStartIncluding\": \"3.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.181\", \"versionStartIncluding\": \"3.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.102\", \"versionStartIncluding\": \"3.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.25\", \"versionStartIncluding\": \"3.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.16.11\", \"versionStartIncluding\": \"3.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.17\", \"versionStartIncluding\": \"3.19\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-12-23T13:20:31.740Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-48794\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-23T13:20:31.740Z\", \"dateReserved\": \"2024-07-16T11:38:08.894Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-07-16T11:43:49.434Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.