Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2022-48854
HistoryJul 16, 2024 - 12:25 p.m.

CVE-2022-48854 net: arc_emac: Fix use after free in arc_mdio_probe()

2024-07-1612:25:20
Linux
www.cve.org
4
vulnerability
linux kernel
use after free
fix
arc_emac
arc_mdio_probe
mdiobus_allocated
uaf

EPSS

0

Percentile

9.3%

JSON

In the Linux kernel, the following vulnerability has been resolved:

net: arc_emac: Fix use after free in arc_mdio_probe()

If bus->state is equal to MDIOBUS_ALLOCATED, mdiobus_free(bus) will free
the “bus”. But bus->name is still used in the next line, which will lead
to a use after free.

We can fix it by putting the name in a local variable and make the
bus->name point to the rodata section “name”,then use the name in the
error message without referring to bus to avoid the uaf.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/arc/emac_mdio.c"
    ],
    "versions": [
      {
        "version": "95b5fc03c189",
        "lessThan": "84c831803785",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "95b5fc03c189",
        "lessThan": "bc0e610a6eb0",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/arc/emac_mdio.c"
    ],
    "versions": [
      {
        "version": "5.16",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.16",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.16.15",
        "lessThanOrEqual": "5.16.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.17",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

redhatcve 1
ubuntucve 1
cve 1
osv 1
debiancve 1
nvd 1
vulnrichment 1
redos 1
redhatcve
redhatcve
CVE-2022-48854
2024-07-16 20:25:36
ubuntucve
ubuntucve
CVE-2022-48854
2024-07-16 00:00:00
cve
cve
CVE-2022-48854
2024-07-16 13:15:12
osv
osv
CVE-2022-48854
2024-07-16 13:15:12
debiancve
debiancve
CVE-2022-48854
2024-07-16 13:15:12
nvd
nvd
CVE-2022-48854
2024-07-16 13:15:12
vulnrichment
vulnrichment
CVE-2022-48854 net: arc_emac: Fix use after free in arc_mdio_probe()
2024-07-16 12:25:20
redos
redos
ROS-20240829-02
2024-08-29 00:00:00

EPSS

0

Percentile

9.3%

JSON
Related for CVELIST:CVE-2022-48854
redhatcve1ubuntucve1cve1osv1debiancve1nvd1vulnrichment1redos1