7.8
CVE-2022-48962
- EPSS 0.24%
- Veröffentlicht 21.10.2024 20:15:08
- Zuletzt bearbeitet 24.10.2024 19:27:13
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.8 < 4.9.336
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.302
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.269
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.227
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.159
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.83
Linux ≫ Linux Kernel Version >= 5.16 < 6.0.13
Linux ≫ Linux Kernel Version6.1 Updaterc1
Linux ≫ Linux Kernel Version6.1 Updaterc2
Linux ≫ Linux Kernel Version6.1 Updaterc3
Linux ≫ Linux Kernel Version6.1 Updaterc4
Linux ≫ Linux Kernel Version6.1 Updaterc5
Linux ≫ Linux Kernel Version6.1 Updaterc6
Linux ≫ Linux Kernel Version6.1 Updaterc7
Linux ≫ Linux Kernel Version6.1 Updaterc8
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.145 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/196e12671cb629d9f3b77b4d8bec854fc445533a
https://git.kernel.org/stable/c/296a50aa8b2982117520713edc1375777a9f8506
https://git.kernel.org/stable/c/3501da8eb6d0f5f114a09ec953c54423f6f35885
https://git.kernel.org/stable/c/4640177049549de1a43e9bc49265f0cdfce08cfd
https://git.kernel.org/stable/c/6f4798ac9c9e98f41553c4f5e6c832c8860a6942
https://git.kernel.org/stable/c/8595a2db8eb0ffcbb466eb9f4a7507a5ba06ebb9
https://git.kernel.org/stable/c/aceec8ab752428d8e151321479e82cc1a40fee2e
https://git.kernel.org/stable/c/e71a46cc8c9ad75f3bb0e4b361e81f79c0214cca