CVE-2022-48899

2024-08-2107:15:05

CWE-416

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

vulnerability

fixed

drm/virtio

use-after-free

race condition

gem handle creation

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

drm/virtio: Fix GEM handle creation UAF

Userspace can guess the handle value and try to race GEM object creation
with handle close, resulting in a use-after-free if we dereference the
object after dropping the handle’s reference. For that reason, dropping
the handle’s reference must be done after we are done dereferencing
the object.

Affected configurations

Nvd

Node

linuxlinux_kernelRange4.4–4.19.270

linuxlinux_kernelRange4.20–5.4.229

linuxlinux_kernelRange5.5–5.10.164

linuxlinux_kernelRange5.11–5.15.89

linuxlinux_kernelRange5.16–6.1.7

linuxlinux_kernelMatch6.2rc1

linuxlinux_kernelMatch6.2rc2

linuxlinux_kernelMatch6.2rc3

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	6.2	cpe:2.3:o:linux:linux_kernel:6.2:rc1::::::
linux	linux_kernel	6.2	cpe:2.3:o:linux:linux_kernel:6.2:rc2::::::
linux	linux_kernel	6.2	cpe:2.3:o:linux:linux_kernel:6.2:rc3::::::