CVE-2022-48773

Summary

In the Linux kernel, the following vulnerability has been resolved:

xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create

If there are failures then we must not leave the non-NULL pointers with the error value, otherwise rpcrdma_ep_destroy gets confused and tries free them, resulting in an Oops.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux85cd8e2b78eea7374927750ffec60bf047f8f90b < 1e7433fb95ccc01629a5edaa4ced0cd8c98d0ae0affected
LinuxLinux85cd8e2b78eea7374927750ffec60bf047f8f90b < 9921c866dc369577c3ebb9adf2383b01b58c18deaffected
LinuxLinux85cd8e2b78eea7374927750ffec60bf047f8f90b < 2526d4d8b209dc5ac1fbeb468149774888b2a141affected
LinuxLinux85cd8e2b78eea7374927750ffec60bf047f8f90b < a9c10b5b3b67b3750a10c8b089b2e05f5e176e33affected
LinuxLinux5.7affected
LinuxLinux0 < 5.7unaffected
LinuxLinux5.10.102 <= 5.10.*unaffected
LinuxLinux5.15.25 <= 5.15.*unaffected
LinuxLinux5.16.11 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References