{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-45884", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-03T14:24:03.235Z", "dateReserved": "2022-11-25T00:00:00", "datePublished": "2022-11-25T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-25T00:40:39.847108"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com/"}, {"url": "https://lore.kernel.org/linux-media/20221115131822.6640-4-imv4bel%40gmail.com/"}, {"url": "https://security.netapp.com/advisory/ntap-20230113-0006/"}, {"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=627bb528b086b4136315c25d6a447a98ea9448d3"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T14:24:03.235Z"}, "title": "CVE Program Container", "references": [{"url": "https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com/", "tags": ["x_transferred"]}, {"url": "https://lore.kernel.org/linux-media/20221115131822.6640-4-imv4bel%40gmail.com/", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230113-0006/", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=627bb528b086b4136315c25d6a447a98ea9448d3", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC099292-5E69-436B-BEC2-5835D46BE6AE", "versionEndIncluding": "6.0.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en el kernel de Linux hasta la versi\u00f3n 6.0.9. drivers/media/dvb-core/dvbdev.c tiene un use-after-free, relacionado con dvb_register_device que asigna din\u00e1micamente fops."}], "id": "CVE-2022-45884", "lastModified": "2024-11-21T07:29:53.337", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-25T04:15:09.180", "references": [{"source": "cve@mitre.org", "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=627bb528b086b4136315c25d6a447a98ea9448d3"}, {"source": "cve@mitre.org", "url": "https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com/"}, {"source": "cve@mitre.org", "url": "https://lore.kernel.org/linux-media/20221115131822.6640-4-imv4bel%40gmail.com/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230113-0006/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=627bb528b086b4136315c25d6a447a98ea9448d3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lore.kernel.org/linux-media/20221115131822.6640-4-imv4bel%40gmail.com/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230113-0006/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}, {"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:7548", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-513.9.1.rt7.311.el8_9", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-11-28T00:00:00Z"}, {"advisory": "RHSA-2023:7549", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-513.9.1.el8_9", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-11-28T00:00:00Z"}, {"advisory": "RHSA-2023:7398", "cpe": "cpe:/o:redhat:rhel_eus:8.6", "package": "kernel-0:4.18.0-372.80.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-11-21T00:00:00Z"}, {"advisory": "RHSA-2023:7539", "cpe": "cpe:/o:redhat:rhel_eus:8.8", "package": "kernel-0:4.18.0-477.36.1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2023-11-28T00:00:00Z"}, {"advisory": "RHSA-2023:7398", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "kernel-0:4.18.0-372.80.1.el8_6", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2023-11-21T00:00:00Z"}], "bugzilla": {"description": "kernel: use-after-free due to race condition occurring in dvb_register_device()", "id": "2148510", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148510"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-362->CWE-416", "details": ["An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.", "A race condition flaw leading to a use-after-free issue was found in the Linux kernel media subsystem in the DVB core device driver. It could occur in the dvb_register_device() function due to the file_operations structure (fops) being dynamically allocated and later kfreed. A local user could use this flaw to crash the system or potentially escalate their privileges on the system."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the `dvb-core` kernel module. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278."}, "name": "CVE-2022-45884", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2022-11-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-45884\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-45884\nhttps://lore.kernel.org/linux-media/20221117045925.14297-4-imv4bel@gmail.com/"], "statement": "To exploit this vulnerability, an attacker must either have credentials for a vulnerable system and physical access to its ports, or they must have the elevated privileges necessary to control USB via sysfs. For that reason, Red Hat assesses the impact of this vulnerability as Moderate.", "threat_severity": "Moderate"}

{}