Lucene search

Redhat.comRH:CVE-2022-48626

HistoryFeb 26, 2024 - 11:31 a.m.

CVE-2022-48626

2024-02-2611:31:42

redhat.com

access.redhat.com

linux kernel

cve-2022-48626

moxart driver

use-after-free

vulnerability

mmc host structure

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A use-after-free flaw was found in the Linux kernel’s MOXART SD/MMC Host Controller driver. This flaw allows a local user to crash the system.

Mitigation

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

References

bugzilla.redhat.com/show_bug.cgi?id=2266029

lore.kernel.org/linux-cve-announce/2024022558-CVE-2022-48626-8a90@gregkh/T/#u

nvd.nist.gov/vuln/detail/CVE-2022-48626

www.cve.org/CVERecord?id=CVE-2022-48626

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for RH:CVE-2022-48626