CVE-2022-48809: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-48809 is a memory leak vulnerability discovered in the Linux kernel's networking subsystem. The vulnerability was disclosed on July 16, 2024, and affects the handling of socket buffer (skb) destination and metadata uncloning operations. The issue impacts multiple versions of the Linux kernel from version 4.3 through 5.16.10 (NVD).

The vulnerability occurs in the tundstunclone function when uncloning an skb dst and its associated metadata. When a new dst+metadata is allocated and replaces the old one in the skb, the uncloned dst+metadata is initialized with a refcount of 1, which is then incorrectly increased to 2 before attaching it to the skb. This results in the dst+metadata being referenced from a single place while its refcount is 2, preventing the refcount from reaching 0 when the skb is consumed. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability results in a memory leak in the Linux kernel. When the affected code path is triggered, memory allocated for dst+metadata structures is not properly freed, leading to a gradual consumption of system memory over time (Kernel Patch).

The vulnerability has been fixed by removing the call to dsthold in tundst_unclone, as the dst+metadata refcount is already 1. The fix has been implemented in various kernel versions through patches. The fix addresses the issue identified in the original commit fc4099f17240 ('openvswitch: Fix egress tunnel info') (Kernel Patch).