CVE-2022-49541

Published: 26 Feb 2025
Source: redhat
CVSS3: 7.8
EPSS: Low

Description

In the Linux kernel, the following vulnerability has been resolved:

cifs: fix potential double free during failed mount

RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799

Report

This flaw results from a missing check in the kernel's CIFS mounting code which can lead to the same pointer being freed twice when there is an error mounting the volume. An attacker could exploit this vulnerability to corrupt or alter system memory or execute arbitrary code with elevated privileges.

Note that this vulnerability was fixed in previous errata:

RHSA-2022:5819 for Red Hat Enterprise Linux 8.6 EUS
RHSA-2022:7683 for Red Hat Enterprise Linux 8.7-8.10
RHSA-2023:2458 for Red Hat Enterprise Linux 9.2 and later.

Mitigation

Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | kernel | Not affected | | |
| Red Hat Enterprise Linux 6 | kernel | Not affected | | |
| Red Hat Enterprise Linux 7 | kernel | Not affected | | |
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | | |
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | | |
| Red Hat Enterprise Linux 9 | kernel-rt | Affected | | |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2022:5819 | 03.08.2022 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2022:7683 | 08.11.2022 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2023:2458 | 09.05.2023 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2023:2458 | 09.05.2023 |

Additional information

Status: Important
Defect: CWE-415
https://bugzilla.redhat.com/show_bug.cgi?id=2348119 kernel: cifs: fix potential double free during failed mount

EPSS

Percentile: 8%
0.0003
Low

7.8 High

CVSS3

Related vulnerabilities

CVSS3: 7.8
ubuntu
12 months ago

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential double free during failed mount RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799

CVSS3: 7.8
nvd
12 months ago

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential double free during failed mount RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799

CVSS3: 7.8
debian
12 months ago

In the Linux kernel, the following vulnerability has been resolved: c ...

CVSS3: 7.8
github
11 months ago

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential double free during failed mount RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799

CVSS3: 7.8
fstec
more than 3 years ago

A vulnerability in the Linux operating system kernel related to a double free error, allowing an attacker to affect the confidentiality, integrity and availability of protected information
