{"vulnerability": "cve-2022-49911", "sightings": [{"uuid": "0b7bedb9-6a34-49a5-ac26-0982e47b1037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49911", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/24251", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-49911 - Linux kernel netfilter ipset Memory Allocation Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2022-49911 \nPublished : May 1, 2025, 3:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnetfilter: ipset: enforce documented limit to prevent allocating huge memory  \n  \nDaniel Xu reported that the hash:net,iface type of the ipset subsystem does  \nnot limit adding the same network with different interfaces to a set, which  \ncan lead to huge memory usage or allocation failure.  \n  \nThe quick reproducer is  \n  \n$ ipset create ACL.IN.ALL_PERMIT hash:net,iface hashsize 1048576 timeout 0  \n$ for i in $(seq 0 100); do /sbin/ipset add ACL.IN.ALL_PERMIT 0.0.0.0/0,kaf_$i timeout 0 -exist; done  \n  \nThe backtrace when vmalloc fails:  \n  \n        [Tue Oct 25 00:13:08 2022] ipset: vmalloc error: size 1073741848, exceeds total pages <...[Tue Oct 25 00:13:08 2022] Call Trace:  \n        [Tue Oct 25 00:13:08 2022]    \n        [Tue Oct 25 00:13:08 2022]  dump_stack_lvl+0x48/0x60  \n        [Tue Oct 25 00:13:08 2022]  warn_alloc+0x155/0x180  \n        [Tue Oct 25 00:13:08 2022]  __vmalloc_node_range+0x72a/0x760  \n        [Tue Oct 25 00:13:08 2022]  ? hash_netiface4_add+0x7c0/0xb20  \n        [Tue Oct 25 00:13:08 2022]  ? __kmalloc_large_node+0x4a/0x90  \n        [Tue Oct 25 00:13:08 2022]  kvmalloc_node+0xa6/0xd0  \n        [Tue Oct 25 00:13:08 2022]  ? hash_netiface4_resize+0x99/0x710 <...The fix is to enforce the limit documented in the ipset(8) manpage:  \n  \n>  The internal restriction of the hash:net,iface set type is that the same  \n>  network prefix cannot be stored with more than 64 different interfaces  \n>  in a single set. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T19:01:43.000000Z"}]}