CVE-2022-48754
8.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
phylib: fix potential use-after-free
Commit bafbdd527d56 ("phylib: Add device reset GPIO support") added call to phy_device_reset(phydev) after the put_device() call in phy_detach().
The comment before the put_device() call says that the phydev might go away with put_device().
Fix potential use-after-free by calling phy_device_reset() before put_device().
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | bafbdd527d569c8200521f2f7579f65a044271be < 67d271760b037ce0806d687ee6057edc8afd4205 | affected |
| Linux | Linux | bafbdd527d569c8200521f2f7579f65a044271be < f39027cbada43b33566c312e6be3db654ca3ad17 | affected |
| Linux | Linux | bafbdd527d569c8200521f2f7579f65a044271be < bd024e36f68174b1793906c39ca16cee0c9295c2 | affected |
| Linux | Linux | bafbdd527d569c8200521f2f7579f65a044271be < aefaccd19379d6c4620269a162bfb88ff687f289 | affected |
| Linux | Linux | bafbdd527d569c8200521f2f7579f65a044271be < cb2fab10fc5e7a3aa1bb0a68a3abdcf3e37852af | affected |
| Linux | Linux | bafbdd527d569c8200521f2f7579f65a044271be < cbda1b16687580d5beee38273f6241ae3725960c | affected |
| Linux | Linux | 4.16 | affected |
| Linux | Linux | 0 < 4.16 | unaffected |
| Linux | Linux | 4.19.228 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.176 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.96 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.19 <= 5.15.* | unaffected |
| Linux | Linux | 5.16.5 <= 5.16.* | unaffected |
| Linux | Linux | 5.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/67d271760b037ce0806d687ee6057edc8afd4205
- https://git.kernel.org/stable/c/f39027cbada43b33566c312e6be3db654ca3ad17
- https://git.kernel.org/stable/c/bd024e36f68174b1793906c39ca16cee0c9295c2
- https://git.kernel.org/stable/c/aefaccd19379d6c4620269a162bfb88ff687f289
- https://git.kernel.org/stable/c/cb2fab10fc5e7a3aa1bb0a68a3abdcf3e37852af
- https://git.kernel.org/stable/c/cbda1b16687580d5beee38273f6241ae3725960c
References
- https://git.kernel.org/stable/c/67d271760b037ce0806d687ee6057edc8afd4205
- https://git.kernel.org/stable/c/f39027cbada43b33566c312e6be3db654ca3ad17
- https://git.kernel.org/stable/c/bd024e36f68174b1793906c39ca16cee0c9295c2
- https://git.kernel.org/stable/c/aefaccd19379d6c4620269a162bfb88ff687f289
- https://git.kernel.org/stable/c/cb2fab10fc5e7a3aa1bb0a68a3abdcf3e37852af
- https://git.kernel.org/stable/c/cbda1b16687580d5beee38273f6241ae3725960c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.