Description
In the Linux kernel, the following vulnerability has been resolved:

iwlwifi: fix use-after-free

If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which then in iwlwifi calls iwl_drv_stop(), freeing the 'drv' struct. However the new code I added will still erroneously access it after it was freed.

Set 'failure=false' in this case to avoid the access, all data was already freed anyway.
Scores
CVSS v3: 7.8
EPSS: 0.0024
EPSS Percentile: 15.3%
Attack Vector: LOCAL
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-416
Status: published
Products (20)
linux/Kernel: 4.14.263 - 4.14.268
linux/Kernel: 4.19.226 - 4.19.231
linux/Kernel: 5.10.94 - 5.10.102
linux/Kernel: 5.15.17 - 5.15.25
linux/Kernel: 5.16.3 - 5.16.11
linux/Kernel: 5.4.174 - 5.4.181
Linux/Linux: 0446cafa843e6db4982731c167e11c80d42be7e2 - 494de920d98f125b099f27a2d274850750aff957
Linux/Linux: 1d7cc54137a4f28506dc7beac235b240b08f4e59 - 7d6475179b85a83186ccce59cdc359d4f07d0bcb
Linux/Linux: 4.14.263 - 4.14.268
Linux/Linux: 4.19.226 - 4.19.231
... and 10 more
Published: Jul 16, 2024
Tracked Since: Feb 18, 2026