7.8
CVE-2022-48960
- EPSS 0.24%
- Veröffentlicht 21.10.2024 20:15:07
- Zuletzt bearbeitet 24.10.2024 19:24:43
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.16 < 4.9.336
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.302
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.269
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.227
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.159
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.83
Linux ≫ Linux Kernel Version >= 5.16 < 6.0.13
Linux ≫ Linux Kernel Version6.1 Updaterc1
Linux ≫ Linux Kernel Version6.1 Updaterc2
Linux ≫ Linux Kernel Version6.1 Updaterc3
Linux ≫ Linux Kernel Version6.1 Updaterc4
Linux ≫ Linux Kernel Version6.1 Updaterc5
Linux ≫ Linux Kernel Version6.1 Updaterc6
Linux ≫ Linux Kernel Version6.1 Updaterc7
Linux ≫ Linux Kernel Version6.1 Updaterc8
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.145 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/179499e7a240b2ef590f05eb379c810c26bbc8a4
https://git.kernel.org/stable/c/1b6360a093ab8969c91a30bb58b753282e2ced4c
https://git.kernel.org/stable/c/3a4eddd1cb023a71df4152fcc76092953e6fe95a
https://git.kernel.org/stable/c/433c07a13f59856e4585e89e86b7d4cc59348fab
https://git.kernel.org/stable/c/8067cd244cea2c332f8326842fd10158fa2cb64f
https://git.kernel.org/stable/c/93aaa4bb72e388f6a4887541fd3d18b84f1b5ddc
https://git.kernel.org/stable/c/b6307f7a2fc1c5407b6176f2af34a95214a8c262
https://git.kernel.org/stable/c/b8ce0e6f9f88a6bb49d291498377e61ea27a5387