high
7.8
CWE
416
Advisory Published
Updated

CVE-2022-48771: drm/vmwgfx: Fix stale file descriptors on failed usercopy

First published: Thu Jun 20 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fence_rep object will lead to a stale entry in the file descriptor table as put_unused_fd() won't release it. This enables userland to refer to a dangling 'file' object through that still valid file descriptor, leading to all kinds of use-after-free exploitation scenarios. Fix this by deferring the call to fd_install() until after the usercopy has succeeded.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel>=4.14<4.14.264
Linux Kernel>=4.15<4.19.227
Linux Kernel>=4.20<5.4.175
Linux Kernel>=5.5<5.10.95
Linux Kernel>=5.11<5.15.18
Linux Kernel>=5.16<5.16.4
Linux Kernel=5.17-rc1

Remedy

https://git.kernel.org/stable/c/0008a0c78fc33a84e2212a7c04e6b21a36ca6f4d

Remedy

https://git.kernel.org/stable/c/1d833b27fb708d6fdf5de9f6b3a8be4bd4321565

Remedy

https://git.kernel.org/stable/c/6066977961fc6f437bc064f628cf9b0e4571c56c

Remedy

https://git.kernel.org/stable/c/84b1259fe36ae0915f3d6ddcea6377779de48b82

Remedy

https://git.kernel.org/stable/c/a0f90c8815706981c483a652a6aefca51a5e191c

Remedy

https://git.kernel.org/stable/c/ae2b20f27732fe92055d9e7b350abc5cdf3e2414

Remedy

https://git.kernel.org/stable/c/e8d092a62449dcfc73517ca43963d2b8f44d0516

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2022-48771?

    CVE-2022-48771 is classified as a medium severity vulnerability due to its potential to lead to a stale entry in the file descriptor table.

  • What software is affected by CVE-2022-48771?

    CVE-2022-48771 affects several versions of the Linux kernel, specifically from 4.14 up to version 5.17-rc1.

  • How do I fix CVE-2022-48771?

    To fix CVE-2022-48771, you should update your Linux kernel to a patched version that addresses this vulnerability.

  • What type of vulnerability is CVE-2022-48771?

    CVE-2022-48771 is a vulnerability in the drm/vmwgfx subsystem of the Linux kernel.

  • What are the potential impacts of CVE-2022-48771?

    CVE-2022-48771 could lead to userland applications encountering stale file descriptors, which may cause unexpected behavior.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203