CVE-2022-48851

HIGH

Linux Kernel - Use-After-Free in gdm_lte_rx()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: staging: gdm724x: fix use after free in gdm_lte_rx() The netif_rx_ni() function frees the skb so we can't dereference it to save the skb->len.

References (8)

Core 8

Core References

Patch

https://git.kernel.org/stable/c/6dc7b87c62423bfa68139fe95e85028aab584c9a

Patch

https://git.kernel.org/stable/c/83a9c886c2b5a0d28c0b37e1736b47f38d61332a

Patch

https://git.kernel.org/stable/c/48ecdf3e29a6e514e8196691589c7dfc6c4ac169

Patch

https://git.kernel.org/stable/c/403e3afe241b62401de1f8629c9c6b9b3d69dbff

Patch

https://git.kernel.org/stable/c/6d9700b445098dbbce0caff4b8cfca214cf1e757

Patch

https://git.kernel.org/stable/c/1fb9dd3787495b4deb0efe66c58306b65691a48f

Patch

https://git.kernel.org/stable/c/d39dc79513e99147b4c158a8a9e46743e23944f5

Patch

https://git.kernel.org/stable/c/fc7f750dc9d102c1ed7bbe4591f991e770c99033

Scores

CVSS v3 7.8

EPSS 0.0021

EPSS Percentile 11.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-416

Status published

Products (26)

linux/Kernel 3.12.0 - 4.9.307linux

linux/Kernel 4.10.0 - 4.14.272linux

linux/Kernel 4.15.0 - 4.19.235linux

linux/Kernel 4.20.0 - 5.4.185linux

linux/Kernel 5.11.0 - 5.15.29linux

linux/Kernel 5.16.0 - 5.16.15linux

linux/Kernel 5.5.0 - 5.10.106linux

Linux/Linux < 3.12

Linux/Linux 3.12

Linux/Linux 4.14.272 - 4.14.*

... and 16 more

Published Jul 16, 2024

Tracked Since Feb 18, 2026