cve/published/2022/CVE-2022-49020.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 net/9p: Fix a potential socket leak in p9_socket_open

 Both p9_fd_create_tcp() and p9_fd_create_unix() will call
 p9_socket_open(). If the creation of p9_trans_fd fails,
 p9_fd_create_tcp() and p9_fd_create_unix() will return an
 error directly instead of releasing the cscoket, which will
 result in a socket leak.

 This patch adds sock_release() to fix the leak issue.

 The Linux kernel CVE team has assigned CVE-2022-49020 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 4.9.335 with commit 0396227f4daf4792a6a8aaa3b7771dc25c4cd443
 	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 4.14.301 with commit ded893965b895b2dccd3d1436d8d3daffa23ea64
 	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 4.19.268 with commit 8b14bd0b500aec1458b51cb621c8e5fab3304260
 	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 5.4.226 with commit 2d24d91b9f44620824fc37b766f7cae00ca32748
 	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 5.10.158 with commit e01c1542379fb395e7da53706df598f38905dfbf
 	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 5.15.82 with commit 8782b32ef867de7981bbe9e86ecb90e92e8780bd
 	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 6.0.12 with commit aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd
 	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 6.1 with commit dcc14cfd7debe11b825cb077e75d91d2575b4cb8

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2022-49020
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	net/9p/trans_fd.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/0396227f4daf4792a6a8aaa3b7771dc25c4cd443
 	https://git.kernel.org/stable/c/ded893965b895b2dccd3d1436d8d3daffa23ea64
 	https://git.kernel.org/stable/c/8b14bd0b500aec1458b51cb621c8e5fab3304260
 	https://git.kernel.org/stable/c/2d24d91b9f44620824fc37b766f7cae00ca32748
 	https://git.kernel.org/stable/c/e01c1542379fb395e7da53706df598f38905dfbf
 	https://git.kernel.org/stable/c/8782b32ef867de7981bbe9e86ecb90e92e8780bd
 	https://git.kernel.org/stable/c/aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd
 	https://git.kernel.org/stable/c/dcc14cfd7debe11b825cb077e75d91d2575b4cb8
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	net/9p: Fix a potential socket leak in p9_socket_open

	Both p9_fd_create_tcp() and p9_fd_create_unix() will call
	p9_socket_open(). If the creation of p9_trans_fd fails,
	p9_fd_create_tcp() and p9_fd_create_unix() will return an
	error directly instead of releasing the cscoket, which will
	result in a socket leak.

	This patch adds sock_release() to fix the leak issue.

	The Linux kernel CVE team has assigned CVE-2022-49020 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 4.9.335 with commit 0396227f4daf4792a6a8aaa3b7771dc25c4cd443
	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 4.14.301 with commit ded893965b895b2dccd3d1436d8d3daffa23ea64
	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 4.19.268 with commit 8b14bd0b500aec1458b51cb621c8e5fab3304260
	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 5.4.226 with commit 2d24d91b9f44620824fc37b766f7cae00ca32748
	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 5.10.158 with commit e01c1542379fb395e7da53706df598f38905dfbf
	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 5.15.82 with commit 8782b32ef867de7981bbe9e86ecb90e92e8780bd
	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 6.0.12 with commit aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd
	Issue introduced in 2.6.33 with commit 6b18662e239a032f908b7f6e164bdf7e2e0a32c9 and fixed in 6.1 with commit dcc14cfd7debe11b825cb077e75d91d2575b4cb8

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2022-49020
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	net/9p/trans_fd.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/0396227f4daf4792a6a8aaa3b7771dc25c4cd443
	https://git.kernel.org/stable/c/ded893965b895b2dccd3d1436d8d3daffa23ea64
	https://git.kernel.org/stable/c/8b14bd0b500aec1458b51cb621c8e5fab3304260
	https://git.kernel.org/stable/c/2d24d91b9f44620824fc37b766f7cae00ca32748
	https://git.kernel.org/stable/c/e01c1542379fb395e7da53706df598f38905dfbf
	https://git.kernel.org/stable/c/8782b32ef867de7981bbe9e86ecb90e92e8780bd
	https://git.kernel.org/stable/c/aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd
	https://git.kernel.org/stable/c/dcc14cfd7debe11b825cb077e75d91d2575b4cb8