Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2025/02/26 1:55 a.m.10 views

CVE-2022-49223 cxl/port: Hold port reference until decoder release

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...

7.3AI score0.00252EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/02/26 1:55 a.m.12 views

CVE-2022-49223

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...

7.8CVSS5.4AI score0.00252EPSS
Exploits0
CVE
CVE
added 2025/02/26 1:55 a.m.140 views

CVE-2022-49223

The CVE-2022-49223 issue affects the Linux kernel, in the cxl/port path within cxl_core. The root cause is a use-after-free risk in cxl_decoder_release() when it dereferences its parent cxl_port to return an ID to port->decoder_ida, highlighting that the device core only guarantees parent life...

7.8CVSS5.3AI score0.00252EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2024/05/21 3:30 p.m.114 views

CVE-2023-52771

CVE-2023-52771 affects the Linux kernel CXL stack. The issue is a race between delete_endpoint() teardown and parent unregistration, which can impact the cxl_mem/cxl_port topology during port removal. The provided description states two fixes: (1) acquire a reference on the parent to prevent use‑...

4.7CVSS6.1AI score0.0018EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2024/05/21 3:30 p.m.23 views

CVE-2023-52771

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix deleteendpoint vs parent unregistration race The CXL subsystem, at cxlmem -probe time, establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL topology. Each port including th...

4.7CVSS6.7AI score0.0018EPSS
Exploits0
OSV
OSV
added 2024/05/21 3:30 p.m.20 views

CVE-2023-52771 cxl/port: Fix delete_endpoint() vs parent unregistration race

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix deleteendpoint vs parent unregistration race The CXL subsystem, at cxlmem -probe time, establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL topology. Each port including th...

4.4CVSS5.7AI score0.0018EPSS
Exploits0References6
Rows per page
Query Builder