7.8

CVE-2022-50305

ASoC: sof_es8336: fix possible use-after-free in sof_es8336_remove()

In the Linux kernel, the following vulnerability has been resolved:

ASoC: sof_es8336: fix possible use-after-free in sof_es8336_remove()

sof_es8336_remove() calls cancel_delayed_work(). However, that
function does not wait until the work function finishes. This
means that the callback function may still be running after
the driver's remove function has finished, which would result
in a use-after-free.

Fix by calling cancel_delayed_work_sync(), which ensures that
the work is properly cancelled, no longer running, and unable
to re-schedule itself.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.0.11 < 6.0.16
LinuxLinux Kernel Version >= 6.1.1 < 6.1.2
LinuxLinux Kernel Version6.1 Update-
LinuxLinux Kernel Version6.1 Updaterc6
LinuxLinux Kernel Version6.1 Updaterc7
LinuxLinux Kernel Version6.1 Updaterc8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.043
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/b85102a3aa3810a09eb55692e8cd6ffbb304e57d
Patch
https://git.kernel.org/stable/c/390a1a98288a53b2e7555097d83c6e55d579b166
Patch
https://git.kernel.org/stable/c/1b41beaa7a58467505ec3023af8aad74f878b888
Patch