Back

CVE-2022-48872

Aug. 21, 2024, 12:30 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Linux kernel

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-08-21
CVE-2022-48872

CVE-2022-48872 details

Published : Aug. 21, 2024, 7:15 a.m.
Last Modified : Aug. 21, 2024, 12:30 p.m.

Description

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free race condition for maps It is possible that in between calling fastrpc_map_get() until map->fl->lock is taken in fastrpc_free_map(), another thread can call fastrpc_map_lookup() and get a reference to a map that is about to be deleted. Rewrite fastrpc_map_get() to only increase the reference count of a map if it's non-zero. Propagate this to callers so they can know if a map is about to be deleted. Fixes this warning: refcount_t: addition on 0; use-after-free. WARNING: CPU: 5 PID: 10100 at lib/refcount.c:25 refcount_warn_saturate ... Call trace: refcount_warn_saturate [fastrpc_map_get inlined] [fastrpc_map_lookup inlined] fastrpc_map_create fastrpc_internal_invoke fastrpc_device_ioctl __arm64_sys_ioctl invoke_syscall

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://git.kernel.org/stable/c/079c78c68714f7d8d58e66c477b0243b31806907 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/556dfdb226ce1e5231d8836159b23f8bb0395bf4 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/61a0890cb95afec5c8a2f4a879de2b6220984ef1 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/96b328d119eca7563c1edcc4e1039a62e6370ecb 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/b171d0d2cf1b8387c72c8d325c5d5746fa271e39 416baaa9-dc9f-4396-8d5f-8c081fb06d67
This website uses the NVD API, but is not approved or certified by it.