{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48742", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-20T11:09:39.054Z", "datePublished": "2024-06-20T11:13:26.653Z", "dateUpdated": "2025-05-04T08:22:10.792Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:22:10.792Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()\n\nWhile looking at one unrelated syzbot bug, I found the replay logic\nin __rtnl_newlink() to potentially trigger use-after-free.\n\nIt is better to clear master_dev and m_ops inside the loop,\nin case we have to replay it."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/core/rtnetlink.c"], "versions": [{"version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "2cf180360d66bd657e606c1217e0e668e6faa303", "status": "affected", "versionType": "git"}, {"version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "7d9211678c0f0624f74cdff36117ab8316697bb8", "status": "affected", "versionType": "git"}, {"version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "a01e60a1ec6bef9be471fb7182a33c6d6f124e93", "status": "affected", "versionType": "git"}, {"version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "bd43771ee9759dd9dfae946bff190e2c5a120de5", "status": "affected", "versionType": "git"}, {"version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "3bbe2019dd12b8d13671ee6cda055d49637b4c39", "status": "affected", "versionType": "git"}, {"version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "def5e7070079b2a214b3b1a2fbec623e6fbfe34a", "status": "affected", "versionType": "git"}, {"version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "36a9a0aee881940476b254e0352581401b23f210", "status": "affected", "versionType": "git"}, {"version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "c6f6f2444bdbe0079e41914a35081530d0409963", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/core/rtnetlink.c"], "versions": [{"version": "3.14", "status": "affected"}, {"version": "0", "lessThan": "3.14", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.300", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.265", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.228", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.177", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.97", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.20", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16.6", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.14", "versionEndExcluding": "4.9.300"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.14", "versionEndExcluding": "4.14.265"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.14", "versionEndExcluding": "4.19.228"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.14", "versionEndExcluding": "5.4.177"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.14", "versionEndExcluding": "5.10.97"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.14", "versionEndExcluding": "5.15.20"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.14", "versionEndExcluding": "5.16.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.14", "versionEndExcluding": "5.17"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303"}, {"url": "https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8"}, {"url": "https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93"}, {"url": "https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5"}, {"url": "https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39"}, {"url": "https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a"}, {"url": "https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210"}, {"url": "https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963"}], "title": "rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:00.117Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48742", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:10:41.257620Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:48.431Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:00.117Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48742", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:10:41.257620Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:26.012Z"}}], "cna": {"title": "rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "2cf180360d66bd657e606c1217e0e668e6faa303", "versionType": "git"}, {"status": "affected", "version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "7d9211678c0f0624f74cdff36117ab8316697bb8", "versionType": "git"}, {"status": "affected", "version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "a01e60a1ec6bef9be471fb7182a33c6d6f124e93", "versionType": "git"}, {"status": "affected", "version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "bd43771ee9759dd9dfae946bff190e2c5a120de5", "versionType": "git"}, {"status": "affected", "version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "3bbe2019dd12b8d13671ee6cda055d49637b4c39", "versionType": "git"}, {"status": "affected", "version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "def5e7070079b2a214b3b1a2fbec623e6fbfe34a", "versionType": "git"}, {"status": "affected", "version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "36a9a0aee881940476b254e0352581401b23f210", "versionType": "git"}, {"status": "affected", "version": "ba7d49b1f0f8e5f24294a880ed576964059af5ef", "lessThan": "c6f6f2444bdbe0079e41914a35081530d0409963", "versionType": "git"}], "programFiles": ["net/core/rtnetlink.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3.14"}, {"status": "unaffected", "version": "0", "lessThan": "3.14", "versionType": "semver"}, {"status": "unaffected", "version": "4.9.300", "versionType": "semver", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.265", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.228", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.177", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.97", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.20", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16.6", "versionType": "semver", "lessThanOrEqual": "5.16.*"}, {"status": "unaffected", "version": "5.17", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/core/rtnetlink.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303"}, {"url": "https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8"}, {"url": "https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93"}, {"url": "https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5"}, {"url": "https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39"}, {"url": "https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a"}, {"url": "https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210"}, {"url": "https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()\n\nWhile looking at one unrelated syzbot bug, I found the replay logic\nin __rtnl_newlink() to potentially trigger use-after-free.\n\nIt is better to clear master_dev and m_ops inside the loop,\nin case we have to replay it."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.9.300", "versionStartIncluding": "3.14"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.265", "versionStartIncluding": "3.14"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.228", "versionStartIncluding": "3.14"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.177", "versionStartIncluding": "3.14"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.97", "versionStartIncluding": "3.14"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.20", "versionStartIncluding": "3.14"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.16.6", "versionStartIncluding": "3.14"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.17", "versionStartIncluding": "3.14"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:22:10.792Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48742", "state": "PUBLISHED", "dateUpdated": "2025-05-04T08:22:10.792Z", "dateReserved": "2024-06-20T11:09:39.054Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-06-20T11:13:26.653Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "992A8983-3020-4403-A534-93A4971559F0", "versionEndExcluding": "4.9.300", "versionStartIncluding": "3.14", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F849B5B-93E9-438A-AE05-0380EC168436", "versionEndExcluding": "4.14.265", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "87288F16-8DE4-4680-95D9-8601B47620D7", "versionEndExcluding": "4.19.228", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B42832A3-1D9B-4BE0-8D4C-3AF681B52D98", "versionEndExcluding": "5.4.177", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB2BE440-BF07-4C49-9A0C-A63E4FA103A1", "versionEndExcluding": "5.10.97", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C68FC5B4-CC13-45E9-8050-EF9025F7A9B7", "versionEndExcluding": "5.15.20", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6739D89E-32C3-479D-B5F6-6865C5061FA5", "versionEndExcluding": "5.16.6", "versionStartIncluding": "5.16", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()\n\nWhile looking at one unrelated syzbot bug, I found the replay logic\nin __rtnl_newlink() to potentially trigger use-after-free.\n\nIt is better to clear master_dev and m_ops inside the loop,\nin case we have to replay it."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: rtnetlink: aseg\u00farese de actualizar master_dev/m_ops en __rtnl_newlink() Mientras observaba un error de syzbot no relacionado, encontr\u00e9 la l\u00f3gica de reproducci\u00f3n en __rtnl_newlink() para activar potencialmente el use-after-free. Es mejor borrar master_dev y m_ops dentro del bucle, en caso de que tengamos que reproducirlo."}], "id": "CVE-2022-48742", "lastModified": "2024-11-21T07:33:54.263", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-20T12:15:12.517", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()", "id": "2293317", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293317"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-416", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nrtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()\nWhile looking at one unrelated syzbot bug, I found the replay logic\nin __rtnl_newlink() to potentially trigger use-after-free.\nIt is better to clear master_dev and m_ops inside the loop,\nin case we have to replay it."], "name": "CVE-2022-48742", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48742\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48742\nhttps://lore.kernel.org/linux-cve-announce/2024062003-CVE-2022-48742-6393@gregkh/T"], "statement": "Actual only for Red Hat Enterprise Linux 8.\nFixed for all versions of Red Hat Enterprise Linux 9.\nReading the source code, related source in function __rtnl_newlink or in rtnl_newlink for newer versions.\nThe fix is that setting to NULL these vars\n+master_dev = NULL;\n+m_ops = NULL;\njust before usage (before call \"master_dev = netdev_master_upper_dev_get(dev);\"),\nbut not in advance in the beginning of func __rtnl_newlink.\nIt means that for some complex conditions potentially these vars could be inited with some incorrect values between. No known ways to reproduce it, so saying generally could be considered as not a security issue (or maybe as potential security issue with low level impact).\nThe bug could happen only if function rtnl_link_ops_get(..) returns some \"ops\" (instead of NULL).\nThis could happen if some option \"kind\" exists. Basically it could happen only if IFLA_INFO_KIND being used (that is ops->kind).\nIt is possible to set this \"ops->kind\" during __rtnl_newlink(..) call.\nSee \"RTM_NEWLINK\" in doc https://man7.org/linux/man-pages/man7/rtnetlink.7.html\nI think that regular user cannot trigger call to the \"RTM_NEWLINK\", so only privileged user can try to trigger this issue (potentially, because unlikely that can find way how to trigger it).", "threat_severity": "Moderate"}

{}