Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-49258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccree - Fix use after free in cccipherexit kfreesensitivectxp-user.key will free the ctxp-user.key. But ctxp-user.key is still used in the next line,...

7.8CVSS6.8AI score0.00252EPSS
Exploits0References2
NVD
NVD
added 2025/02/26 7:1 a.m.24 views

CVE-2022-49258

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cccipherexit kfreesensitivectxp-user.key will free the ctxp-user.key. But ctxp-user.key is still used in the next line, which will lead to a use after free. We can call kfreesensitive after...

7.8CVSS0.00252EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.7 views

CVE-2022-49258

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cccipherexit kfreesensitivectxp-user.key will free the ctxp-user.key. But ctxp-user.key is still used in the next line, which will lead to a use after free. We can call kfreesensitive after...

7.8CVSS6.3AI score0.00252EPSS
Exploits0References7
CVE
CVE
added 2025/02/26 1:56 a.m.99 views

CVE-2022-49258

The CVE-2022-49258 issue is in the Linux kernel crypto/ccree: a use-after-free in cc_cipher_exit() where ctx_p->user.key is freed by kfree_sensitive() but still used on the following line. The fix prevents UAF by moving kfree_sensitive(ctx_p->user.key) after dev_dbg(), effectively ensuring ...

7.8CVSS5.5AI score0.00252EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/02/26 1:56 a.m.22 views

CVE-2022-49258 crypto: ccree - Fix use after free in cc_cipher_exit()

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cccipherexit kfreesensitivectxp-user.key will free the ctxp-user.key. But ctxp-user.key is still used in the next line, which will lead to a use after free. We can call kfreesensitive after...

0.00252EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/02/26 1:56 a.m.15 views

CVE-2022-49258

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cccipherexit kfreesensitivectxp-user.key will free the ctxp-user.key. But ctxp-user.key is still used in the next line, which will lead to a use after free. We can call kfreesensitive after...

7.8CVSS5.6AI score0.00252EPSS
Exploits0
Rows per page
Query Builder