5.3
CVE-2022-48697
- EPSS 0.23%
- Veröffentlicht 03.05.2024 16:15:08
- Zuletzt bearbeitet 08.04.2025 15:47:37
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
nvmet: fix a use-after-free
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr 0000607bd1835943 by task kworker/13:1/460 Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop] Call Trace: show_stack+0x52/0x58 dump_stack_lvl+0x49/0x5e print_report.cold+0x36/0x1e2 kasan_report+0xb9/0xf0 __asan_load4+0x6b/0x80 blk_mq_complete_request_remote+0xac/0x350 nvme_loop_queue_response+0x1df/0x275 [nvme_loop] __nvmet_req_complete+0x132/0x4f0 [nvmet] nvmet_req_complete+0x15/0x40 [nvmet] nvmet_execute_io_connect+0x18a/0x1f0 [nvmet] nvme_loop_execute_work+0x20/0x30 [nvme_loop] process_one_work+0x56e/0xa70 worker_thread+0x2d1/0x640 kthread+0x183/0x1c0 ret_from_fork+0x1f/0x30
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.8 < 4.19.260
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.213
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.143
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.68
Linux ≫ Linux Kernel Version >= 5.16 < 5.19.9
Linux ≫ Linux Kernel Version6.0 Updaterc1
Linux ≫ Linux Kernel Version6.0 Updaterc2
Linux ≫ Linux Kernel Version6.0 Updaterc3
Linux ≫ Linux Kernel Version6.0 Updaterc4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.133 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | 1.8 | 3.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/17f121ca3ec6be0fb32d77c7f65362934a38cc8e
https://git.kernel.org/stable/c/4484ce97a78171668c402e0c45db7f760aea8060
https://git.kernel.org/stable/c/6a02a61e81c231cc5c680c5dbf8665275147ac52
https://git.kernel.org/stable/c/8d66989b5f7bb28bba2f8e1e2ffc8bfef4a10717
https://git.kernel.org/stable/c/be01f1c988757b95f11f090a9f491365670a522b
https://git.kernel.org/stable/c/ebf46da50beb78066674354ad650606a467e33fa