CVE-2022-48783
HIGHLinux Kernel 5.10.101-5.10.102, 5.15.24-5.15.25, 5.16.10-5.16.11 - Use-After-Free in gswip_remove()
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus).
References (4)
Core 4
Core References
Mailing List, Patch
https://git.kernel.org/stable/c/f48bd34137718042872d06f2c7332b3267a29165
Mailing List, Patch
https://git.kernel.org/stable/c/df2495f329b08ac0d0d3e6334a01955ae839005e
Mailing List, Patch
https://git.kernel.org/stable/c/c61f599b8d33adfa256126a6695c734c0de331cb
Mailing List, Patch
https://git.kernel.org/stable/c/8c6ae46150a453f8ae9a6cd49b45f354f478587d
Scores
CVSS v3
7.8
EPSS
0.0023
EPSS Percentile
13.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-416
Status
published
Products (13)
linux/Kernel
5.10.101 - 5.10.102linux
linux/Kernel
5.15.24 - 5.15.25linux
linux/Kernel
5.16.10 - 5.16.11linux
Linux/Linux
0d120dfb5d67edc5bcd1804e167dba2b30809afd - 8c6ae46150a453f8ae9a6cd49b45f354f478587d
Linux/Linux
2443ba2fe396bdde187a2fdfa6a57375643ae93c - c61f599b8d33adfa256126a6695c734c0de331cb
Linux/Linux
5.10.101 - 5.10.102
Linux/Linux
5.15.24 - 5.15.25
Linux/Linux
5.16.10 - 5.16.11
Linux/Linux
b5652bc50dde7b84e93dfb25479b64b817e377c1 - df2495f329b08ac0d0d3e6334a01955ae839005e
Linux/Linux
e177d2e85ebcd3008c4b2abc293f4118e04eedef - f48bd34137718042872d06f2c7332b3267a29165
... and 3 more
Published
Jul 16, 2024
Tracked Since
Feb 18, 2026