← Zuruck zu CVEs
CVE-2022-49025
HIGH7.8
Beschreibung
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the assignment in attr->dests[num_vport_dests].termtbl which case a use-after-free when releasing the rule. Fix by resetting the assignment of termtbl to null.
CVE Details
CVSS v3.1 Bewertung7.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht10/21/2024
Zuletzt geandert10/24/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
linux:linux_kernel
Schwachen (CWE)
CWE-416
Referenzen
https://git.kernel.org/stable/c/0a2d73a77060c3cbdc6e801cd5d979d674cd404b(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/0d2f9d95d9fbe993f3c4bafb87d59897b0325aff(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/372eb550faa0757349040fd43f59483cbfdb2c0b(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/52c795af04441d76f565c4634f893e5b553df2ae(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/e6d2d26a49c3a9cd46b232975e45236304810904(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.