← Back

CVE-2022-49968

nvd nist
Published: Jun 18, 2025Modified: Jun 17, 2026

JSON object

Loading...
4.7
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.0 / Impact: 3.6
Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ieee802154/adf7242: defer destroy_workqueue call There is a possible race condition (use-after-free) like below (FREE) | (USE) adf7242_remove | adf7242_channel cancel_delayed_work_sync | destroy_workqueue (1) | adf7242_cmd_rx | mod_delayed_work (2) | The root cause for this race is that the upper layer (ieee802154) is unaware of this detaching event and the function adf7242_channel can be called without any checks. To fix this, we can add a flag write at the beginning of adf7242_remove and add flag check in adf7242_channel. Or we can just defer the destructive operation like other commit 3e0588c291d6 ("hamradio: defer ax25 kfree after unregister_netdev") which let the ieee802154_unregister_hw() to handle the synchronization. This patch takes the second option. runs")

Affected (13)

Products: Linux: Linux Kernel
1 product
Linux Kernel
Configuration A
13 vulnerable
Vulnerable SoftwareAffected Versions
Linux
From 4.17.19 to 4.18
From 4.18.1 to 4.19.258
From 4.20 to 5.4.213
From 5.11 to 5.15.66
From 5.16 to 5.19.8
From 5.5 to 5.10.142
Version 4.18
Version 4.18 rc6
Version 4.18 rc7
Version 4.18 rc8
Version 6.0 rc1
Version 6.0 rc2
Version 6.0 rc3

References (6)

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch

Timeline

No history available yet.