Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-49951

Опубликовано: 18 июн. 2025
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

firmware_loader: Fix use-after-free during unregister

In the following code within firmware_upload_unregister(), the call to device_unregister() could result in the dev_release function freeing the fw_upload_priv structure before it is dereferenced for the call to module_put(). This bug was found by the kernel test robot using CONFIG_KASAN while running the firmware selftests.

device_unregister(&fw_sysfs->dev); module_put(fw_upload_priv->module);

The problem is fixed by copying fw_upload_priv->module to a local variable for use when calling device_unregister().

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.19 (включая) до 5.19.8 (исключая)
cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*

EPSS

Процентиль: 5%
0.00021
Низкий

7.8 High

CVSS3

Дефекты

CWE-416

Связанные уязвимости

ubuntu логотип

CVE-2022-49951

CVSS3: 7.8
ubuntu
8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister In the following code within firmware_upload_unregister(), the call to device_unregister() could result in the dev_release function freeing the fw_upload_priv structure before it is dereferenced for the call to module_put(). This bug was found by the kernel test robot using CONFIG_KASAN while running the firmware selftests. device_unregister(&fw_sysfs->dev); module_put(fw_upload_priv->module); The problem is fixed by copying fw_upload_priv->module to a local variable for use when calling device_unregister().

redhat логотип

CVE-2022-49951

CVSS3: 7
redhat
8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister In the following code within firmware_upload_unregister(), the call to device_unregister() could result in the dev_release function freeing the fw_upload_priv structure before it is dereferenced for the call to module_put(). This bug was found by the kernel test robot using CONFIG_KASAN while running the firmware selftests. device_unregister(&fw_sysfs->dev); module_put(fw_upload_priv->module); The problem is fixed by copying fw_upload_priv->module to a local variable for use when calling device_unregister().

debian логотип

CVE-2022-49951

CVSS3: 7.8
debian
8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: f ...

github логотип

GHSA-m4jv-hg4p-x3x5

CVSS3: 7.8
github
8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister In the following code within firmware_upload_unregister(), the call to device_unregister() could result in the dev_release function freeing the fw_upload_priv structure before it is dereferenced for the call to module_put(). This bug was found by the kernel test robot using CONFIG_KASAN while running the firmware selftests. device_unregister(&fw_sysfs->dev); module_put(fw_upload_priv->module); The problem is fixed by copying fw_upload_priv->module to a local variable for use when calling device_unregister().

suse-cvrf логотип

SUSE-SU-2025:02264-1

suse-cvrf
7 месяцев назад

Security update for the Linux Kernel

EPSS

Процентиль: 5%
0.00021
Низкий

7.8 High

CVSS3

Дефекты

CWE-416