{ "affected": [ { "ranges": [ { "events": [ { "introduced": "98cd1552ea27e512c7e99e2aa76042a26e4fb25c" }, { "fixed": "935b4beb724946a37cebf97191592d4879d3a3a3" }, { "fixed": "d593e1ede655b74c42e4e4fe285ea64aee96fb5c" }, { "fixed": "bbc5d7b46a729bfcbb5544f6612b7a67dd4f4d6f" }, { "fixed": "37a098fc9b42bd7fce66764866aa514639667b6e" }, { "fixed": "9f555b1584fc2d5d16ee3c4d9438e93ac7c502c7" }, { "fixed": "4d2024b138d9f7b02ae13ee997fd3a71e9e46254" }, { "fixed": "633efc8b3dc96f56f5a57f2a49764853a2fa3f50" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" } ] } ], "database_specific": { "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49926.json" }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: Fix possible memory leaks in dsa_loop_init()\n\nkmemleak reported memory leaks in dsa_loop_init():\n\nkmemleak: 12 new suspected memory leaks\n\nunreferenced object 0xffff8880138ce000 (size 2048):\n comm \"modprobe\", pid 390, jiffies 4295040478 (age 238.976s)\n backtrace:\n [\u003c000000006a94f1d5\u003e] kmalloc_trace+0x26/0x60\n [\u003c00000000a9c44622\u003e] phy_device_create+0x5d/0x970\n [\u003c00000000d0ee2afc\u003e] get_phy_device+0xf3/0x2b0\n [\u003c00000000dca0c71f\u003e] __fixed_phy_register.part.0+0x92/0x4e0\n [\u003c000000008a834798\u003e] fixed_phy_register+0x84/0xb0\n [\u003c0000000055223fcb\u003e] dsa_loop_init+0xa9/0x116 [dsa_loop]\n ...\n\nThere are two reasons for memleak in dsa_loop_init().\n\nFirst, fixed_phy_register() create and register phy_device:\n\nfixed_phy_register()\n get_phy_device()\n phy_device_create() # freed by phy_device_free()\n phy_device_register() # freed by phy_device_remove()\n\nBut fixed_phy_unregister() only calls phy_device_remove().\nSo the memory allocated in phy_device_create() is leaked.\n\nSecond, when mdio_driver_register() fail in dsa_loop_init(),\nit just returns and there is no cleanup for phydevs.\n\nFix the problems by catching the error of mdio_driver_register()\nin dsa_loop_init(), then calling both fixed_phy_unregister() and\nphy_device_free() to release phydevs.\nAlso add a function for phydevs cleanup to avoid duplacate.", "id": "CVE-2022-49926", "modified": "2026-04-01T23:07:58.069991550Z", "published": "2025-05-01T14:11:04.691Z", "references": [ { "type": "WEB", "url": "https://git.kernel.org/stable/c/37a098fc9b42bd7fce66764866aa514639667b6e" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/4d2024b138d9f7b02ae13ee997fd3a71e9e46254" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/633efc8b3dc96f56f5a57f2a49764853a2fa3f50" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/935b4beb724946a37cebf97191592d4879d3a3a3" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/9f555b1584fc2d5d16ee3c4d9438e93ac7c502c7" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/bbc5d7b46a729bfcbb5544f6612b7a67dd4f4d6f" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/d593e1ede655b74c42e4e4fe285ea64aee96fb5c" }, { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49926.json" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49926" }, { "type": "PACKAGE", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git" } ], "schema_version": "1.7.3", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "net: dsa: Fix possible memory leaks in dsa_loop_init()" }