AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2022-49153: In the Linux kernel, the following vulnerability has been resolved: wireguard: socket: free skb in send6 when ipv6 is d

mediumvulnerability

security

Source: NVD/CVE DatabaseFebruary 26, 2025CVE-2022-49153

Summary

WireGuard (a VPN protocol in the Linux kernel) had a memory leak bug where network packets (skb, or socket buffers) weren't being properly freed when IPv6 (Internet Protocol version 6) was disabled. The code was supposed to free the memory in certain functions, but forgot to do so when IPv6 support was turned off.

Solution / Mitigation

This patch adds kfree_skb() (a function that frees socket buffer memory) to properly free the skb when CONFIG_IPV6 is disabled in the send6 function.

Vulnerability Details

CVSS Score

5.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-401 CWE-401

Original source: https://nvd.nist.gov/vuln/detail/CVE-2022-49153

First tracked: February 15, 2026 at 08:35 PM

Classified by LLM (prompt v3) · confidence: 95%