2 matches found
CVE-2022-48822
CVE-2022-48822 — Linux kernel usb f_fs use-after-free (epfile) Technical summary: A race between ffs_func_eps_disable (which uses a local copy of epfiles) and ffs_epfile_release can lead to use-after-free of the epfile read buffer. While ffs_epfile_release frees the buffer and destroys ffs->ep...
CVE-2022-48822
In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of composition switch and at the same time ffsepfilerelease get called from userspace. ffsepfilerelease will fr...