7.8
CVE-2022-50022
- EPSS 0.22%
- Veröffentlicht 18.06.2025 11:01:25
- Zuletzt bearbeitet 13.11.2025 19:46:54
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
drivers:md:fix a potential use-after-free bug
In the Linux kernel, the following vulnerability has been resolved: drivers:md:fix a potential use-after-free bug In line 2884, "raid5_release_stripe(sh);" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines 2886 "if (sh->batch_head && sh != sh->batch_head)". This may result in an use-after-free bug. It can be fixed by moving "raid5_release_stripe(sh);" to the bottom of the function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.1 < 4.9.326
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.291
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.256
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.211
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.138
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.63
Linux ≫ Linux Kernel Version >= 5.16 < 5.19.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.119 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/7470a4314b239e9a9580f248fdf4c9a92805490e
https://git.kernel.org/stable/c/09cf99bace7789d91caa8d10fbcfc8b2fb35857f
https://git.kernel.org/stable/c/e5b3dd2d92c4511e81f6e4ec9c5bb7ad25e03d13
https://git.kernel.org/stable/c/f5d46f1b47f65da1faf468277b261eb78c8e25b5
https://git.kernel.org/stable/c/5d8325fd15892c8ab1146edc1d7ed8463de39636
https://git.kernel.org/stable/c/d9b94c3ace549433de8a93eeb27b0391fc8ac406
https://git.kernel.org/stable/c/eb3a4f73f43f839df981dda5859e8e075067a360
https://git.kernel.org/stable/c/104212471b1c1817b311771d817fb692af983173