3 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: NFC: port100: fixed a use-after-free in port100sendcomplete. Syzbot reported a UAF in port100sendcomplete. The root cause is the missing calls to usbkillurb in the error handling path of the -probe function. port100sendcomplet...
The vulnerability of the port100_send_complete() function in the NFC kernel of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the port100sendcomplete function in the NFC kernel of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2022-48857
CVE-2022-48857 affects the Linux kernel NFC port100 driver (drivers/nfc/port100.c). The vulnerability is a use-after-free in port100_send_complete caused by freed devm memory on probe failure due to missing usb_kill_urb() calls on the error path. Impact is described as use-after-free; remediation...