CVE-2022-48981

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/shmem-helper: Remove errant put in error path

drm_gem_shmem_mmap() doesn't own this reference, resulting in the GEM object getting prematurely freed leading to a later use-after-free.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2194a63a818db71065ebe09c8104f5f021ca4e7b < 585a07b820059462e0c93b76c7de2cd946b26b40affected
LinuxLinux2194a63a818db71065ebe09c8104f5f021ca4e7b < 6a4da05acd062ae7774b6b19cef2b7d922902d36affected
LinuxLinux2194a63a818db71065ebe09c8104f5f021ca4e7b < 83e3da8bb92fcfa7a1d232cf55f9e6c49bb84942affected
LinuxLinux2194a63a818db71065ebe09c8104f5f021ca4e7b < 586847b98e20ab02212ca5c1fc46680384e68a28affected
LinuxLinux2194a63a818db71065ebe09c8104f5f021ca4e7b < 24013314be6ee4ee456114a671e9fa3461323de8affected
LinuxLinux5.2affected
LinuxLinux0 < 5.2unaffected
LinuxLinux5.4.227 <= 5.4.*unaffected
LinuxLinux5.10.159 <= 5.10.*unaffected
LinuxLinux5.15.83 <= 5.15.*unaffected
LinuxLinux6.0.13 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References