Lucene search

[email protected]CVE-2022-45888

HistoryNov 25, 2022 - 4:15 a.m.

CVE-2022-45888

2022-11-2504:15:00

CWE-362

CWE-416

[email protected]

web.nvd.nist.gov

linux kernel

cve-2022-45888

nvd

race condition

use-after-free

usb device

6.4 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

6.1 Medium

AI Score

Confidence

High

3.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

22.3%

JSON

An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.

CPENameOperatorVersion
linux:linux_kernellinux linux kernelle6.0.9
netapp:h410c_firmwarenetapp h410c firmwareeq-
netapp:h300s_firmwarenetapp h300s firmwareeq-
netapp:h500s_firmwarenetapp h500s firmwareeq-
netapp:h700s_firmwarenetapp h700s firmwareeq-
netapp:h410s_firmwarenetapp h410s firmwareeq-

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	le	6.0.9
netapp:h410c_firmware	netapp h410c firmware	eq	-
netapp:h300s_firmware	netapp h300s firmware	eq	-
netapp:h500s_firmware	netapp h500s firmware	eq	-
netapp:h700s_firmware	netapp h700s firmware	eq	-
netapp:h410s_firmware	netapp h410s firmware	eq	-