5.5
CVE-2022-48911
- EPSS 0.01%
- Veröffentlicht 22.08.2024 02:15:05
- Zuletzt bearbeitet 12.09.2024 13:24:58
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
LoginIn the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet and need to indicate an error. The packet will be dropped by the caller. v2: split skb prefetch hunk into separate change
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.29 < 4.9.305
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.270
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.233
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.183
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.104
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.27
Linux ≫ Linux Kernel Version >= 5.16 < 5.16.13
Linux ≫ Linux Kernel Version5.17 Updaterc1
Linux ≫ Linux Kernel Version5.17 Updaterc2
Linux ≫ Linux Kernel Version5.17 Updaterc3
Linux ≫ Linux Kernel Version5.17 Updaterc4
Linux ≫ Linux Kernel Version5.17 Updaterc5
Linux ≫ Linux Kernel Version5.17 Updaterc6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.013 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.