In the Linux kernel, the following vulnerability has been resolved:
net: arc_emac: Fix use after free in arc_mdio_probe()
If bus->state is equal to MDIOBUS_ALLOCATED, mdiobus_free(bus) will free
the "bus". But bus->name is still used in the next line, which will lead
to a use after free.
We can fix it by putting the name in a local variable and make the
bus->name point to the rodata section "name",then use the name in the
error message without referring to bus to avoid the uaf.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-07-16T12:25:20.477Z
Updated: 2024-09-11T17:34:08.203Z
Reserved: 2024-07-16T11:38:08.913Z
Link: CVE-2022-48854
Vulnrichment
Updated: 2024-09-11T12:42:20.872Z
NVD
Status : Analyzed
Published: 2024-07-16T13:15:12.457
Modified: 2024-07-23T15:26:31.407
Link: CVE-2022-48854
Redhat