CVE-2022-45885: Use After Free
First published: Fri Nov 25 2022(Updated: )
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | <=6.0.9 | |
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| Netapp H410s Firmware | ||
| Netapp H410s | ||
| <=6.0.9 | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/
- https://lore.kernel.org/linux-media/20221115131822.6640-2-imv4bel@gmail.com/
- https://security.netapp.com/advisory/ntap-20230113-0006/
- https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel%40gmail.com/
- https://lore.kernel.org/linux-media/20221115131822.6640-2-imv4bel%40gmail.com/
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6769a0b7ee0c3b31e1b22c3fadff2bfb642de23f
Frequently Asked Questions
What is CVE-2022-45885?
CVE-2022-45885 is a vulnerability discovered in the Linux kernel through version 6.0.9, which can cause a use-after-free when a device is disconnected.
What software is affected by CVE-2022-45885?
The Linux kernel version up to 6.0.9 and Netapp H410c Firmware are affected by CVE-2022-45885.
What is the severity of CVE-2022-45885?
CVE-2022-45885 has a severity level of high (7).
How can I mitigate CVE-2022-45885?
To mitigate CVE-2022-45885, consider upgrading to a version of the Linux kernel that is not affected by this vulnerability or apply the necessary patches provided by the vendor.
Where can I find more information about CVE-2022-45885?
For more information about CVE-2022-45885, you can refer to the following references: [Reference 1](https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/), [Reference 2](https://lore.kernel.org/linux-media/20221115131822.6640-2-imv4bel@gmail.com/), [Reference 3](https://security.netapp.com/advisory/ntap-20230113-0006/)
- agent/type
- agent/remedy
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/author
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/6.0.9
- vendor/netapp
- canonical/netapp h410c firmware
- canonical/netapp h410c
- canonical/netapp h300s firmware
- canonical/netapp h300s
- canonical/netapp h500s firmware
- canonical/netapp h500s
- canonical/netapp h700s firmware
- canonical/netapp h700s
- canonical/netapp h410s firmware
- canonical/netapp h410s