What is the severity of CVE-2022-48760?

CVE-2022-48760 has been classified as a moderate severity vulnerability affecting the Linux kernel.

How do I fix CVE-2022-48760?

To fix CVE-2022-48760, update your Linux kernel to version 4.4.302, 4.9.300, 4.14.265, 4.19.228, 5.4.176, 5.10.96, 5.15.19, 5.16.5, or 5.17.

What systems are affected by CVE-2022-48760?

CVE-2022-48760 affects multiple versions of the Linux kernel across various distributions.

What is the nature of the vulnerability in CVE-2022-48760?

CVE-2022-48760 relates to a hang issue in the usb_kill_urb function due to the lack of memory barriers.

Is there any workaround for CVE-2022-48760?

There are no recommended workarounds for CVE-2022-48760; updating the kernel is the best mitigation.

Vulnerability/
CVE-2022-48760

low

20/6/2024

9/4/2025

CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers

First published: Thu Jun 20 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usb_kill_urb by adding memory barriers The Linux kernel CVE team has assigned <a href="https://access.redhat.com/security/cve/CVE-2022-48760">CVE-2022-48760</a> to this issue. Upstream advisory: <a href="https://lore.kernel.org/linux-cve-announce/2024062008-CVE-2022-48760-b80e@gregkh/T">https://lore.kernel.org/linux-cve-announce/2024062008-CVE-2022-48760-b80e@gregkh/T</a>

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
redhat/kernel	<4.4.302	4.4.302
redhat/kernel	<4.9.300	4.9.300
redhat/kernel	<4.14.265	4.14.265
redhat/kernel	<4.19.228	4.19.228
redhat/kernel	<5.4.176	5.4.176
redhat/kernel	<5.10.96	5.10.96
redhat/kernel	<5.15.19	5.15.19
redhat/kernel	<5.16.5	5.16.5
redhat/kernel	<5.17	5.17
IBM Security Verify Governance - Identity Manager	<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack	<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance	<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container	<=ISVG 10.0.2

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7230443

Frequently Asked Questions

What is the severity of CVE-2022-48760?
CVE-2022-48760 has been classified as a moderate severity vulnerability affecting the Linux kernel.
How do I fix CVE-2022-48760?
To fix CVE-2022-48760, update your Linux kernel to version 4.4.302, 4.9.300, 4.14.265, 4.19.228, 5.4.176, 5.10.96, 5.15.19, 5.16.5, or 5.17.
What systems are affected by CVE-2022-48760?
CVE-2022-48760 affects multiple versions of the Linux kernel across various distributions.
What is the nature of the vulnerability in CVE-2022-48760?
CVE-2022-48760 relates to a hang issue in the usb_kill_urb function due to the lack of memory barriers.
Is there any workaround for CVE-2022-48760?
There are no recommended workarounds for CVE-2022-48760; updating the kernel is the best mitigation.

agent/title
agent/type
agent/first-publish-date
agent/author
collector/nvd-api
source/NVD
agent/severity
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2022-48760
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/source
agent/softwarecombine
agent/tags
agent/event
collector/ibm-support
source/IBM
package-manager/redhat
vendor/ibm
canonical/ibm security verify governance - identity manager
version/ibm security verify governance - identity manager/isvg 10.0.2
canonical/ibm security verify governance, identity manager software stack
version/ibm security verify governance, identity manager software stack/isvg 10.0.2
canonical/ibm security verify governance, identity manager virtual appliance
version/ibm security verify governance, identity manager virtual appliance/isvg 10.0.2
canonical/ibm security verify governance identity manager container
version/ibm security verify governance identity manager container/isvg 10.0.2