CVE-2022-48773: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
First published: Tue Jul 16 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries free them, resulting in an Oops.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <5.10.102 | 5.10.102 |
| redhat/kernel | <5.15.25 | 5.15.25 |
| redhat/kernel | <5.16.11 | 5.16.11 |
| redhat/kernel | <5.17 | 5.17 |
| Linux kernel | <5.10.102 | |
| Linux kernel | >=5.11<5.15.25 | |
| Linux kernel | >=5.16<5.16.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/1e7433fb95ccc01629a5edaa4ced0cd8c98d0ae0
- https://git.kernel.org/stable/c/2526d4d8b209dc5ac1fbeb468149774888b2a141
- https://git.kernel.org/stable/c/9921c866dc369577c3ebb9adf2383b01b58c18de
- https://git.kernel.org/stable/c/a9c10b5b3b67b3750a10c8b089b2e05f5e176e33
- https://access.redhat.com/errata/RHSA-2024:6990
- https://access.redhat.com/errata/RHSA-2024:6991
- https://access.redhat.com/errata/RHSA-2024:8616
- https://access.redhat.com/errata/RHSA-2024:8870
- https://access.redhat.com/errata/RHSA-2024:8856
- https://access.redhat.com/errata/RHSA-2024:10275
- https://access.redhat.com/errata/RHSA-2024:10265
- https://access.redhat.com/errata/RHSA-2024:10262
- https://bugzilla.redhat.com/show_bug.cgi?id=2298109
Frequently Asked Questions
What is the severity of CVE-2022-48773?
CVE-2022-48773 is classified as a medium severity vulnerability in the Linux kernel.
How do I fix CVE-2022-48773?
To fix CVE-2022-48773, you need to update the Linux kernel to versions 5.10.102, 5.15.25, 5.16.11, or 5.17.
Which Linux kernel versions are affected by CVE-2022-48773?
CVE-2022-48773 affects Linux kernel versions prior to 5.10.102, between 5.11 and 5.15.25, and between 5.16.0 and 5.16.11.
What specific component does CVE-2022-48773 affect?
CVE-2022-48773 affects the xprtrdma component in the Linux kernel.
What is the impact of CVE-2022-48773?
The impact of CVE-2022-48773 may lead to confusion in pointer dereferencing during error handling in the rpcrdma_ep_create function.
- agent/title
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- agent/weakness
- agent/remedy
- agent/severity
- agent/description
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-48773
- vendor/linux
- canonical/linux kernel
- version/linux kernel/5.11
- version/linux kernel/5.16
- package-manager/redhat