CVE-2022-48779

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: mscc: ocelot: fix use-after-free in ocelot_vlan_del()

ocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so if this is the same as the port's pvid_vlan which we access afterwards, what we're accessing is freed memory.

Fix the bug by determining whether to clear ocelot_port->pvid_vlan prior to calling ocelot_vlan_member_del().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd4004422f6f9fa8e55c04482008c1c9f9edd2d19 < c98bed60cdd7f22237ae256cc9c1c3087206b8a2affected
LinuxLinuxd4004422f6f9fa8e55c04482008c1c9f9edd2d19 < ef57640575406f57f5b3393cf57f457b0ace837eaffected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux5.16.11 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References