CVE-2022-48874

NVD Published Date: August 21, 2024 at 07:15 AM
NVD Last Modified: August 29, 2024 at 02:42 AM
Download Patch
Vulnerability ID
CVE-2022-48874
Severity
HIGH
Severity Score
7.8
Summary
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free and race in fastrpc_map_find Currently, there is a race window between the point when the mutex is unlocked in fastrpc_map_lookup and the reference count increasing (fastrpc_map_get) in fastrpc_map_find, which can also lead to use-after-free. So lets merge fastrpc_map_find into fastrpc_map_lookup which allows us to both protect the maps list by also taking the &fl->lock spinlock and the reference count, since the spinlock will be released only after. Add take_ref argument to make this suitable for all callers.
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-416

Recent Publish

CVE-2022-48885

CVE-2022-48868

CVE-2022-48892

CVE-2024-6339

CVE-2024-5335

CVE-2024-7757

See SecOps Solution
in action

Schedule Demo