CVE-2022-28389

MEDIUM

Linux kernel <5.17.1 - Use After Free

Title source: llm

Description

mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.

References (7)

Scores

CVSS v3 5.5
EPSS 0.0007
EPSS Percentile 20.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE
CWE-415
Status published

Affected Products (14)

linux/linux_kernel < 5.17.1
fedoraproject/fedora
fedoraproject/fedora
fedoraproject/fedora
debian/debian_linux
debian/debian_linux
netapp/h300s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
netapp/h300e_firmware
netapp/h500e_firmware
netapp/h700e_firmware
netapp/h410s_firmware
netapp/h410c_firmware

Timeline

Published Apr 03, 2022
Tracked Since Feb 18, 2026