CVE-2022-48670

HIGH

Linux Kernel < 5.19.10 - Use After Free

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: peci: cpu: Fix use-after-free in adev_release() When auxiliary_device_add() returns an error, auxiliary_device_uninit() is called, which causes refcount for device to be decremented and .release callback will be triggered. Because adev_release() re-calls auxiliary_device_uninit(), it will cause use-after-free: [ 1269.455172] WARNING: CPU: 0 PID: 14267 at lib/refcount.c:28 refcount_warn_saturate+0x110/0x15 [ 1269.464007] refcount_t: underflow; use-after-free.

References (2)

[Patch] https://git.kernel.org/stable/c/1c11289b34ab67ed080bbe0f1855c4938362d9cf

[Patch] https://git.kernel.org/stable/c/c87f1f99e26ea4ae08cabe753ae98e5626bdba89

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 4.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-416

Status published

Affected Products (5)

linux/linux_kernel < 5.19.10

linux/linux_kernel

linux/Kernel < 5.19.10linux

Timeline

Published May 03, 2024

Tracked Since Feb 18, 2026