CVE-2022-49127
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
ref_tracker: implement use-after-free detection
Whenever ref_tracker_dir_init() is called, mark the struct ref_tracker_dir as dead.
Test the dead status from ref_tracker_alloc() and ref_tracker_free()
This should detect buggy dev_put()/dev_hold() happening too late in netdevice dismantle process.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 4e66934eaadc83b27ada8d42b60894018f3bfabf < 3743c9de303fa36c2e2ca2522ab280c52bcafbd2 | affected |
| Linux | Linux | 4e66934eaadc83b27ada8d42b60894018f3bfabf < e3ececfe668facd87d920b608349a32607060e66 | affected |
| Linux | Linux | 5.17 | affected |
| Linux | Linux | 0 < 5.17 | unaffected |
| Linux | Linux | 5.17.3 <= 5.17.* | unaffected |
| Linux | Linux | 5.18 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://git.kernel.org/stable/c/3743c9de303fa36c2e2ca2522ab280c52bcafbd2
- https://git.kernel.org/stable/c/e3ececfe668facd87d920b608349a32607060e66
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.