CVE-2022-48626

Summary

In the Linux kernel, the following vulnerability has been resolved:

moxart: fix potential use-after-free on remove path

It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and using it instead of the pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < f5dc193167591e88797262ec78515a0cbe79ff5faffected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < e6f580d0b3349646d4ee1ce0057eb273e8fb7e2eaffected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < 9c25d5ff1856b91bd4365e813f566cb59aaa9552affected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < 3a0a7ec5574b510b067cfc734b8bdb6564b31d4eaffected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < be93028d306dac9f5b59ebebd9ec7abcfc69c156affected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < af0e6c49438b1596e4be8a267d218a0c88a42323affected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < 7f901d53f120d1921f84f7b9b118e87e94b403c5affected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < bd2db32e7c3e35bd4d9b8bbff689434a50893546affected
LinuxLinux3.16affected
LinuxLinux0 < 3.16unaffected
LinuxLinux4.9.301 <= 4.9.*unaffected
LinuxLinux4.14.266 <= 4.14.*unaffected
LinuxLinux4.19.229 <= 4.19.*unaffected
LinuxLinux5.4.179 <= 5.4.*unaffected
LinuxLinux5.10.100 <= 5.10.*unaffected
LinuxLinux5.15.23 <= 5.15.*unaffected
LinuxLinux5.16.9 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References