CVE-2022-50785

Summary

In the Linux kernel, the following vulnerability has been resolved:

fsi: occ: Prevent use after free

Use get_device and put_device in the open and close functions to make sure the device doesn't get freed while a file descriptor is open. Also, lock around the freeing of the device buffer and check the buffer before using it in the submit function.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux008d3825a805557464c5e75f9eb806a3aa2f5e6d < 1d5ad0a874ddfcee9f932f54b1d34cbe8b9ddcfeaffected
LinuxLinux008d3825a805557464c5e75f9eb806a3aa2f5e6d < 3593e8efc9f0dac6be70bd5c964eadaa86bf2713affected
LinuxLinux008d3825a805557464c5e75f9eb806a3aa2f5e6d < d3e1e24604031b0d83b6c2d38f54eeea265cfcc0affected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References