CVE-2022-49025
net/mlx5e: Fix use-after-free when reverting termination table
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
21 out 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix use-after-free when reverting termination table
When having multiple dests with termination tables and second one
or afterwards fails the driver reverts usage of term tables but
doesn't reset the assignment in attr->dests[num_vport_dests].termtbl
which case a use-after-free when releasing the rule.
Fix by resetting the assignment of termtbl to null.
Produtos afetados
Linux · LinuxReferências
https://git.kernel.org/stable/c/0a2d73a77060c3cbdc6e801cd5d979d674cd404bhttps://git.kernel.org/stable/c/0d2f9d95d9fbe993f3c4bafb87d59897b0325affhttps://git.kernel.org/stable/c/372eb550faa0757349040fd43f59483cbfdb2c0bhttps://git.kernel.org/stable/c/52c795af04441d76f565c4634f893e5b553df2aehttps://git.kernel.org/stable/c/e6d2d26a49c3a9cd46b232975e45236304810904