CVE-2022-48626

In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and using it instead of the pointer dereference.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/3a0a7ec5574b510b067cfc734b8bdb6564b31d4e	Patch
https://git.kernel.org/stable/c/7f901d53f120d1921f84f7b9b118e87e94b403c5	Patch
https://git.kernel.org/stable/c/9c25d5ff1856b91bd4365e813f566cb59aaa9552	Patch
https://git.kernel.org/stable/c/af0e6c49438b1596e4be8a267d218a0c88a42323	Patch
https://git.kernel.org/stable/c/bd2db32e7c3e35bd4d9b8bbff689434a50893546	Patch
https://git.kernel.org/stable/c/be93028d306dac9f5b59ebebd9ec7abcfc69c156	Patch
https://git.kernel.org/stable/c/e6f580d0b3349646d4ee1ce0057eb273e8fb7e2e	Patch
https://git.kernel.org/stable/c/f5dc193167591e88797262ec78515a0cbe79ff5f	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2024-02-26 16:27

Updated : 2024-04-17 19:28

NVD link : CVE-2022-48626

Mitre link : CVE-2022-48626

CVE.ORG link : CVE-2022-48626

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-416

Use After Free

{"id": "CVE-2022-48626", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-02-26T16:27:45.720", "references": [{"url": "https://git.kernel.org/stable/c/3a0a7ec5574b510b067cfc734b8bdb6564b31d4e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7f901d53f120d1921f84f7b9b118e87e94b403c5", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/9c25d5ff1856b91bd4365e813f566cb59aaa9552", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/af0e6c49438b1596e4be8a267d218a0c88a42323", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bd2db32e7c3e35bd4d9b8bbff689434a50893546", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/be93028d306dac9f5b59ebebd9ec7abcfc69c156", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e6f580d0b3349646d4ee1ce0057eb273e8fb7e2e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f5dc193167591e88797262ec78515a0cbe79ff5f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmoxart: fix potential use-after-free on remove path\n\nIt was reported that the mmc host structure could be accessed after it\nwas freed in moxart_remove(), so fix this by saving the base register of\nthe device and using it instead of the pointer dereference."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: moxart: corrige el posible use-after-free en la ruta de eliminaci\u00f3n. Se inform\u00f3 que se pod\u00eda acceder a la estructura del host mmc despu\u00e9s de que se liber\u00f3 en moxart_remove(), as\u00ed que solucione este problema guardando el registro base del dispositivo y usarlo en lugar de la desreferencia del puntero."}], "lastModified": "2024-04-17T19:28:53.540", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C73D1F55-82C4-4327-92BE-06DB2E9EAA3F", "versionEndExcluding": "4.9.301"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51CBF15C-E2C2-46D6-8B44-FD1DBC4B90AA", "versionEndExcluding": "4.14.266", "versionStartIncluding": "4.10.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18A62436-9A1F-4D76-8171-673ABD2F8FF0", "versionEndExcluding": "4.19.229", "versionStartIncluding": "4.15.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D555D9E-77E5-4394-B778-A4120D57AF6D", "versionEndExcluding": "5.4.179", "versionStartIncluding": "4.20.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2087D356-66AA-4AF1-9573-7F9CCDF45E69", "versionEndExcluding": "5.10.100", "versionStartIncluding": "5.5.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D02A8AAA-DFB4-4A35-BFE6-D37996722B78", "versionEndExcluding": "5.15.23", "versionStartIncluding": "5.11.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BABAFD2D-69AC-41BE-9833-6304358DA047", "versionEndExcluding": "5.16.9", "versionStartIncluding": "5.16.0"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}