CVE-2022-48851

Summary

In the Linux kernel, the following vulnerability has been resolved:

staging: gdm724x: fix use after free in gdm_lte_rx()

The netif_rx_ni() function frees the skb so we can't dereference it to save the skb->len.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux61e121047645122c47714fcda684d0ee67f444af < 6dc7b87c62423bfa68139fe95e85028aab584c9aaffected
LinuxLinux61e121047645122c47714fcda684d0ee67f444af < 83a9c886c2b5a0d28c0b37e1736b47f38d61332aaffected
LinuxLinux61e121047645122c47714fcda684d0ee67f444af < 48ecdf3e29a6e514e8196691589c7dfc6c4ac169affected
LinuxLinux61e121047645122c47714fcda684d0ee67f444af < 403e3afe241b62401de1f8629c9c6b9b3d69dbffaffected
LinuxLinux61e121047645122c47714fcda684d0ee67f444af < 6d9700b445098dbbce0caff4b8cfca214cf1e757affected
LinuxLinux61e121047645122c47714fcda684d0ee67f444af < 1fb9dd3787495b4deb0efe66c58306b65691a48faffected
LinuxLinux61e121047645122c47714fcda684d0ee67f444af < d39dc79513e99147b4c158a8a9e46743e23944f5affected
LinuxLinux61e121047645122c47714fcda684d0ee67f444af < fc7f750dc9d102c1ed7bbe4591f991e770c99033affected
LinuxLinux3.12affected
LinuxLinux0 < 3.12unaffected
LinuxLinux4.9.307 <= 4.9.*unaffected
LinuxLinux4.14.272 <= 4.14.*unaffected
LinuxLinux4.19.235 <= 4.19.*unaffected
LinuxLinux5.4.185 <= 5.4.*unaffected
LinuxLinux5.10.106 <= 5.10.*unaffected
LinuxLinux5.15.29 <= 5.15.*unaffected
LinuxLinux5.16.15 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References