CVE-2022-50677

Summary

In the Linux kernel, the following vulnerability has been resolved:

ipmi: fix use after free in _ipmi_destroy_user()

The intf_free() function frees the "intf" pointer so we cannot dereference it again on the next line.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf9d405a4bd6090ffbf3bba5e2da6b44c0e013cb3 < 35ad87bfe330f7ef6a19f772223c63296d643172affected
LinuxLinuxb642ced2cad496c32ae1f62b85fc395391190820 < d23006f2a56e11a3103de0ca8b843bf7fd7d76fcaffected
LinuxLinuxcbb79863fc3175ed5ac506465948b02a893a8235 < f29d127b372e1b7662397d92341d9f7de198ff99affected
LinuxLinuxcbb79863fc3175ed5ac506465948b02a893a8235 < bfce073089cb81482521c65061835aaa6d1a6cc0affected
LinuxLinuxcbb79863fc3175ed5ac506465948b02a893a8235 < f7fde441198a9ecb130c3ccec91ee2131d6998eeaffected
LinuxLinuxcbb79863fc3175ed5ac506465948b02a893a8235 < 1fc9b20a7688000fcf4d7fbaa58e415a3cdda961affected
LinuxLinuxcbb79863fc3175ed5ac506465948b02a893a8235 < a92ce570c81dc0feaeb12a429b4bc65686d17967affected
LinuxLinux4.19.92 < 4.19.270affected
LinuxLinux5.4.7 < 5.4.229affected
LinuxLinux5.5affected
LinuxLinux0 < 5.5unaffected
LinuxLinux4.19.270 <= 4.19.*unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.87 <= 5.15.*unaffected
LinuxLinux6.0.18 <= 6.0.*unaffected
LinuxLinux6.1.4 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References