7.8
CVE-2022-50274
- EPSS 0.01%
- Veröffentlicht 15.09.2025 14:21:10
- Zuletzt bearbeitet 03.12.2025 18:21:27
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
media: dvbdev: adopts refcnt to avoid UAF
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: adopts refcnt to avoid UAF dvb_unregister_device() is known that prone to use-after-free. That is, the cleanup from dvb_unregister_device() releases the dvb_device even if there are pointers stored in file->private_data still refer to it. This patch adds a reference counter into struct dvb_device and delays its deallocation until no pointer refers to the object.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 4.14.303
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.270
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.229
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.163
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.86
Linux ≫ Linux Kernel Version >= 5.16 < 6.0.16
Linux ≫ Linux Kernel Version >= 6.1 < 6.1.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.026 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.