In the Linux kernel, the following vulnerability has been resolved:
net: mscc: ocelot: fix use-after-free in ocelot_vlan_del()
ocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so if
this is the same as the port’s pvid_vlan which we access afterwards,
what we’re accessing is freed memory.
Fix the bug by determining whether to clear ocelot_port->pvid_vlan prior
to calling ocelot_vlan_member_del().
git.kernel.org/linus/ef57640575406f57f5b3393cf57f457b0ace837e (5.17-rc5)
git.kernel.org/stable/c/c98bed60cdd7f22237ae256cc9c1c3087206b8a2
git.kernel.org/stable/c/ef57640575406f57f5b3393cf57f457b0ace837e
launchpad.net/bugs/cve/CVE-2022-48779
nvd.nist.gov/vuln/detail/CVE-2022-48779
security-tracker.debian.org/tracker/CVE-2022-48779
www.cve.org/CVERecord?id=CVE-2022-48779