3 matches found
SUSE CVE-2022-48857
In the Linux kernel, the following vulnerability has been resolved: NFC: port100: fix use-after-free in port100sendcomplete Syzbot reported UAF in port100sendcomplete. The root case is in missing usbkillurb calls on error handling path of -probe function. port100sendcomplete accesses devm allocat...
CVE-2022-48857
In the Linux kernel, the following vulnerability has been resolved: NFC: port100: fix use-after-free in port100sendcomplete Syzbot reported UAF in port100sendcomplete. The root case is in missing usbkillurb calls on error handling path of -probe function. port100sendcomplete accesses devm allocat...
CVE-2022-48857
CVE-2022-48857 affects the Linux kernel NFC port100 driver (drivers/nfc/port100.c). The vulnerability is a use-after-free in port100_send_complete caused by freed devm memory on probe failure due to missing usb_kill_urb() calls on the error path. Impact is described as use-after-free; remediation...