vulnrichment | Linux | VULNRICHMENT:CVE-2022-48854
History: Jul 16, 2024 - 12:25 p.m.

CVE-2022-48854 net: arc_emac: Fix use after free in arc_mdio_probe()

2024-07-16 12:25:20
Linux
github.com

AI Score: 6.8 (Confidence: Low)

SSVC: Exploitation: none; Automatable: no; Technical Impact: partial

In the Linux kernel, the following vulnerability has been resolved:

net: arc_emac: Fix use after free in arc_mdio_probe()

If bus->state is equal to MDIOBUS_ALLOCATED, mdiobus_free(bus) will free
the “bus”. But bus->name is still used in the next line, which will lead
to a use after free.

We can fix it by putting the name in a local variable and making
bus->name point to the rodata section “name”, then using the name in the
error message without referring to bus to avoid the UAF.
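The lifetime problem described above, as an added userspace model that is not the kernel driver's code: `model_bus`, `model_free()`, the static slot, the poison string and the bus name `example-mdio-bus` are all constructed for illustration. A static slot stands in for the heap so the read after release is well-defined and its result can be observed.

```c
#include <stdio.h>
#include <string.h>

/* Userspace model (assumption, not kernel code). */
enum { MODEL_ALLOCATED = 1 };
struct model_bus { const char *name; int state; };

static struct model_bus slot;                 /* stands in for heap memory */
static const char *const POISON = "<freed memory>";

static struct model_bus *model_alloc(void) {
    memset(&slot, 0, sizeof slot);
    slot.state = MODEL_ALLOCATED;
    return &slot;
}

/* Stand-in for mdiobus_free(): in the ALLOCATED state the object is released,
 * so its fields no longer belong to the caller. Poisoning models that. */
static void model_free(struct model_bus *bus) {
    if (bus->state == MODEL_ALLOCATED)
        bus->name = POISON;
}

/* Before the fix: the error path builds its message from bus->name after
 * the bus was released. Returns the string the message would carry. */
static const char *probe_fail_before(void) {
    struct model_bus *bus = model_alloc();
    bus->name = "example-mdio-bus";
    model_free(bus);
    return bus->name;          /* in real code: a read of freed memory */
}

/* After the fix: the name lives in a local that points at a string literal
 * (rodata), so the error path never dereferences the released bus. */
static const char *probe_fail_after(void) {
    const char *name = "example-mdio-bus";
    struct model_bus *bus = model_alloc();
    bus->name = name;
    model_free(bus);
    return name;               /* valid regardless of the bus lifetime */
}

int main(void) {
    printf("before fix, message names: %s\n", probe_fail_before());
    printf("after fix,  message names: %s\n", probe_fail_after());
    return 0;
}
```

In review, the same pattern shows up as any dereference of an object on the lines following the call that releases it, including inside logging or error-reporting arguments.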
