CVE-2022-49025
HIGH
Linux Kernel 5.3-5.4.225, 5.5-5.10.157, 5.11-5.15.81, 5.16-6.0.11 - Use-After-Free in Termination Table Revert
Title source: llm
Description
In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: Fix use-after-free when reverting termination table

When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the assignment in attr->dests[num_vport_dests].termtbl which causes a use-after-free when releasing the rule. Fix by resetting the assignment of termtbl to null.
Scores
CVSS v3: 7.8
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: LOCAL
EPSS: 0.0025
EPSS Percentile: 15.9%
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-416
Status: published
Products (18)
linux/Kernel
5.11.0 - 5.15.82
linux/Kernel
5.16.0 - 6.0.12
linux/Kernel
5.3.0 - 5.4.226
linux/Kernel
5.5.0 - 5.10.158
Linux/Linux
< 5.3
Linux/Linux
10caabdaad5ace85577a453da97d1f8d3b944427 - 0a2d73a77060c3cbdc6e801cd5d979d674cd404b
Linux/Linux
10caabdaad5ace85577a453da97d1f8d3b944427 - 0d2f9d95d9fbe993f3c4bafb87d59897b0325aff
Linux/Linux
10caabdaad5ace85577a453da97d1f8d3b944427 - 372eb550faa0757349040fd43f59483cbfdb2c0b
Linux/Linux
10caabdaad5ace85577a453da97d1f8d3b944427 - 52c795af04441d76f565c4634f893e5b553df2ae
Linux/Linux
10caabdaad5ace85577a453da97d1f8d3b944427 - e6d2d26a49c3a9cd46b232975e45236304810904
... and 8 more
Published: Oct 21, 2024
Tracked Since: Feb 18, 2026