CVE-2022-48787

Published: Jul 16, 2024Modified: Jun 17, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which then in iwlwifi calls iwl_drv_stop(), freeing the 'drv' struct. However the new code I added will still erroneously access it after it was freed. Set 'failure=false' in this case to avoid the access, all data was already freed anyway.

Affected (6)

Products: Linux: Linux Kernel

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.14.263 to 4.14.268
Linux Linux Kernel	From 4.19.226 to 4.19.231
Linux Linux Kernel	From 5.10.94 to 5.10.102
Linux Linux Kernel	From 5.15.17 to 5.15.25
Linux Linux Kernel	From 5.16.3 to 5.16.11
Linux Linux Kernel	From 5.4.174 to 5.4.181

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (14)

https://git.kernel.org/stable/c/008508c16af0087cda0394e1ac6f0493b01b6063

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/494de920d98f125b099f27a2d274850750aff957

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/7d6475179b85a83186ccce59cdc359d4f07d0bcb

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/9958b9cbb22145295ee1ffaea0904c383da2c05d

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/bea2662e7818e15d7607d17d57912ac984275d94

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/d3b98fe36f8a06ce654049540773256ab59cb53d

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ddd46059f7d99119b62d44c519df7a79f2e6a515

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/008508c16af0087cda0394e1ac6f0493b01b6063

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/494de920d98f125b099f27a2d274850750aff957

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/7d6475179b85a83186ccce59cdc359d4f07d0bcb

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/9958b9cbb22145295ee1ffaea0904c383da2c05d

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/bea2662e7818e15d7607d17d57912ac984275d94

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/d3b98fe36f8a06ce654049540773256ab59cb53d

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/ddd46059f7d99119b62d44c519df7a79f2e6a515

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.