Lucene search
LinuxVULNRICHMENT:CVE-2022-48791HistoryJul 16, 2024 - 11:43 a.m.
CVE-2022-48791 scsi: pm8001: Fix use-after-free for aborted TMF sas_task
2024-07-1611:43:47
Linux
github.com
1
linux kernel
use-after-free
pm8001
sas_task_state_aborted
In the Linux kernel, the following vulnerability has been resolved:
scsi: pm8001: Fix use-after-free for aborted TMF sas_task
Currently a use-after-free may occur if a TMF sas_task is aborted before we
handle the IO completion in mpi_ssp_completion(). The abort occurs due to
timeout.
When the timeout occurs, the SAS_TASK_STATE_ABORTED flag is set and the
sas_task is freed in pm8001_exec_internal_tmf_task().
However, if the I/O completion occurs later, the I/O completion still
thinks that the sas_task is available. Fix this by clearing the ccb->task
if the TMF times out - the I/O completion handler does nothing if this
pointer is cleared.
Related
ubuntucve
ubuntucve
CVE-2022-48791
2024-07-16 00:00:00
redhatcve
redhatcve
CVE-2022-48791
2024-07-16 22:59:00
nvd
nvd
CVE-2022-48791
2024-07-16 12:15:03
cvelist
cvelist
CVE-2022-48791 scsi: pm8001: Fix use-after-free for aborted TMF sas_task
2024-07-16 11:43:47
cve
cve
CVE-2022-48791
2024-07-16 12:15:03
debiancve
debiancve
CVE-2022-48791
2024-07-16 12:15:03
osv
osv
CVE-2022-48791
2024-07-16 12:15:03
redos
redos
ROS-20240816-12
2024-08-16 00:00:00
nessus
nessus
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:3249-1)
2024-09-17 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2929-1)
2024-08-16 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2894-1)
2024-08-14 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2947-1)
2024-08-20 00:00:00
AI Score
6.8
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2022-48791