In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix use-after-free when reverting termination table
When having multiple dests with termination tables and second one
or afterwards fails the driver reverts usage of term tables but
doesn't reset the assignment in attr->dests[num_vport_dests].termtbl
which case a use-after-free when releasing the rule.
Fix by resetting the assignment of termtbl to null.
References
Configurations
Configuration 1 (hide)
|
History
24 Oct 2024, 03:49
Type | Values Removed | Values Added |
---|---|---|
References | () https://git.kernel.org/stable/c/0a2d73a77060c3cbdc6e801cd5d979d674cd404b - Patch | |
References | () https://git.kernel.org/stable/c/0d2f9d95d9fbe993f3c4bafb87d59897b0325aff - Patch | |
References | () https://git.kernel.org/stable/c/372eb550faa0757349040fd43f59483cbfdb2c0b - Patch | |
References | () https://git.kernel.org/stable/c/52c795af04441d76f565c4634f893e5b553df2ae - Patch | |
References | () https://git.kernel.org/stable/c/e6d2d26a49c3a9cd46b232975e45236304810904 - Patch | |
CPE | cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:* |
|
CWE | CWE-416 | |
First Time |
Linux linux Kernel
Linux |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
23 Oct 2024, 15:12
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
21 Oct 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-21 20:15
Updated : 2024-10-24 03:49
NVD link : CVE-2022-49025
Mitre link : CVE-2022-49025
CVE.ORG link : CVE-2022-49025
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-416
Use After Free