DEBIAN-CVE-2022-48720

DEBIAN-CVE-2022-48720 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: net: macsec: Fix offload support for NETDEV_UNREGISTER event Current macsec netdev notify handler handles NETDEV_UNREGISTER event by releasing relevant SW resources only, this causes resources leak in case of macsec HW offload, as the underlay driver was not notified to clean it's macsec offload resources. Fix by calling the underlay driver to clean it's relevant resources by moving offload handling from macsec_dellink() to macsec_common_dellink() when handling NETDEV_UNREGISTER event.

Risk Scores

CVSS 3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:12	linux	0, 0, 0
Debian:11	linux	5.10.70-1, 5.10.46-5, 5.10.92-1~bpo10+1
Debian:13	linux	0, 0, 0
Debian:14	linux	0, 0, 0

Timeline

Jun 20, 2024 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2022-48720 advisory

Open in Interactive Console →