{"id":"AZL-69785","summary":"CVE-2022-49803 affecting package kernel 5.15.200.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetdevsim: Fix memory leak of nsim_dev-\u003efa_cookie\n\nkmemleak reports this issue:\n\nunreferenced object 0xffff8881bac872d0 (size 8):\n  comm \"sh\", pid 58603, jiffies 4481524462 (age 68.065s)\n  hex dump (first 8 bytes):\n    04 00 00 00 de ad be ef                          ........\n  backtrace:\n    [\u003c00000000c80b8577\u003e] __kmalloc+0x49/0x150\n    [\u003c000000005292b8c6\u003e] nsim_dev_trap_fa_cookie_write+0xc1/0x210 [netdevsim]\n    [\u003c0000000093d78e77\u003e] full_proxy_write+0xf3/0x180\n    [\u003c000000005a662c16\u003e] vfs_write+0x1c5/0xaf0\n    [\u003c000000007aabf84a\u003e] ksys_write+0xed/0x1c0\n    [\u003c000000005f1d2e47\u003e] do_syscall_64+0x3b/0x90\n    [\u003c000000006001c6ec\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe issue occurs in the following scenarios:\n\nnsim_dev_trap_fa_cookie_write()\n  kmalloc() fa_cookie\n  nsim_dev-\u003efa_cookie = fa_cookie\n..\nnsim_drv_remove()\n\nThe fa_cookie allocked in nsim_dev_trap_fa_cookie_write() is not freed. To\nfix, add kfree(nsim_dev-\u003efa_cookie) to nsim_drv_remove().","modified":"2026-04-01T05:21:37.682233Z","published":"2025-05-01T15:16:03Z","upstream":["CVE-2022-49803"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49803"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"5.15.200.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-69785.json"}}],"schema_version":"1.7.5"}