← Voltar para CVEs

CVE-2022-48807

MEDIUM

5.5

Descricao

In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler Currently, the same handler is called for both a NETDEV_BONDING_INFO LAG unlink notification as for a NETDEV_UNREGISTER call. This is causing a problem though, since the netdev_notifier_info passed has a different structure depending on which event is passed. The problem manifests as a call trace from a BUG: KASAN stack-out-of-bounds error. Fix this by creating a handler specific to NETDEV_UNREGISTER that only is passed valid elements in the netdev_notifier_info struct for the NETDEV_UNREGISTER event. Also included is the removal of an unbalanced dev_put on the peer_netdev and related braces.

Detalhes CVE

Pontuacao CVSS v3.15.5

SeveridadeMEDIUM

Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vetor de ataqueLOCAL

ComplexidadeLOW

Privilegios necessariosLOW

Interacao do usuarioNONE

Publicado7/16/2024

Ultima modificacao9/25/2025

Fontenvd

Avistamentos honeypot0

Produtos afetados

linux:linux_kernel

Fraquezas (CWE)

CWE-908

Referencias

https://git.kernel.org/stable/c/bea1898f65b9b7096cb4e73e97c83b94718f1fa1(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

https://git.kernel.org/stable/c/f9daedc3ab8f673e3a9374b91a89fbf1174df469(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

https://git.kernel.org/stable/c/faa9bcf700ca1a0d09f92502a6b65d3ce313fb46(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

https://git.kernel.org/stable/c/bea1898f65b9b7096cb4e73e97c83b94718f1fa1(af854a3a-2127-422b-91ae-364da2661108)

https://git.kernel.org/stable/c/f9daedc3ab8f673e3a9374b91a89fbf1174df469(af854a3a-2127-422b-91ae-364da2661108)

https://git.kernel.org/stable/c/faa9bcf700ca1a0d09f92502a6b65d3ce313fb46(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.