CVE-2022-48779
Severity: HIGH
Linux Kernel 5.16-5.16.10 - Use-After-Free in ocelot_vlan_del()
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved:

net: mscc: ocelot: fix use-after-free in ocelot_vlan_del()

ocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so if this is the same as the port's pvid_vlan which we access afterwards, what we're accessing is freed memory.

Fix the bug by determining whether to clear ocelot_port->pvid_vlan prior to calling ocelot_vlan_member_del().
References (2)
Core References (2)
Mailing List, Patch: https://git.kernel.org/stable/c/c98bed60cdd7f22237ae256cc9c1c3087206b8a2
Mailing List, Patch: https://git.kernel.org/stable/c/ef57640575406f57f5b3393cf57f457b0ace837e
Scores
CVSS v3: 7.8
EPSS: 0.0022
EPSS Percentile: 12.0%
Attack Vector: LOCAL
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-416
Status: published
Products (8)
linux/Kernel: 5.16.0 - 5.16.11
Linux/Linux: < 5.16
Linux/Linux: 5.16
Linux/Linux: 5.16.11 - 5.16.*
Linux/Linux: 5.17
Linux/Linux: d4004422f6f9fa8e55c04482008c1c9f9edd2d19 - c98bed60cdd7f22237ae256cc9c1c3087206b8a2
Linux/Linux: d4004422f6f9fa8e55c04482008c1c9f9edd2d19 - ef57640575406f57f5b3393cf57f457b0ace837e
linux/linux_kernel: 5.16 - 5.16.11
Published: Jul 16, 2024
Tracked Since: Feb 18, 2026