7.8

CVE-2022-49385

driver: base: fix UAF when driver_attach failed

In the Linux kernel, the following vulnerability has been resolved:

driver: base: fix UAF when driver_attach failed

When driver_attach(drv); failed, the driver_private will be freed.
But it has been added to the bus, which caused a UAF.

To fix it, we need to delete it from the bus when failed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.9 < 5.4.198
LinuxLinux Kernel Version >= 5.5 < 5.10.122
LinuxLinux Kernel Version >= 5.11 < 5.15.47
LinuxLinux Kernel Version >= 5.16 < 5.17.15
LinuxLinux Kernel Version >= 5.18 < 5.18.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.29% 0.207
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/310862e574001a97ad02272bac0fd13f75f42a27
Patch
https://git.kernel.org/stable/c/5389101257828d1913d713d9a40acbe14f5961df
Patch
https://git.kernel.org/stable/c/5d709f58c743166fe1c6914b9de0ae8868600d9b
Patch
https://git.kernel.org/stable/c/823f24f2e329babd0330200d0b74882516fe57f4
Patch
https://git.kernel.org/stable/c/c059665c84feab46b7173d3a1bf36c2fb7f9df86
Patch
https://git.kernel.org/stable/c/cdf1a683a01583bca4b618dd16223cbd6e462e21
Patch