2 matches found
CVE-2022-50220
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnetdeferredkevent to perform tasks which may sleep. On disconnect, completion of the work was originally awaited in -ndostop. But in 2003, that was moved ...
CVE-2022-50220
CVE-2022-50220 is a Linux kernel vulnerability in the usbnet subsystem where a use-after-free can occur on disconnect due to linkwatch handling after unregister_netdev. The issue stems from usbnet_deferred_kevent() being awaited in a path that may access freed netdev state, potentially enabling m...