CVE-2022-48783

EPSS 0.02%
Published 16.07.2024 12:15:03
Last modified 21.11.2024 07:34:00
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

net: dsa: lantiq_gswip: fix use after free in gswip_remove()

of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be
done before mdiobus_free(priv->ds->slave_mii_bus).

Affected products Warnungen 0 Metrics 2 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version5.10.101

Linux ≫ Linux Kernel Version5.15.24

Linux ≫ Linux Kernel Version5.16.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.033

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/8c6ae46150a453f8ae9a6cd49b45f354f478587d

Patch

Mailing List

https://git.kernel.org/stable/c/c61f599b8d33adfa256126a6695c734c0de331cb

Patch

Mailing List

https://git.kernel.org/stable/c/df2495f329b08ac0d0d3e6334a01955ae839005e

Patch

Mailing List

https://git.kernel.org/stable/c/f48bd34137718042872d06f2c7332b3267a29165

Patch

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2022-48783

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-48783

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-48783

EUVD