CVE-2022-45884

CVSS V2 None CVSS V3 None

Description

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.

Overview

CVE ID
CVE-2022-45884

Assigner
cve@mitre.org

Vulnerability Status
Analyzed

Published Version
2022-11-25T04:15:09

Last Modified Date
2023-01-20T20:18:38

Weakness Enumerations

CWE	URL
CWE-362	http://cwe.mitre.org/data/definitions/362.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:o:linux:linux_kernel::::::::	1	OR		6.0.9

References

Reference URL	Reference Tags
https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/	Exploit Patch Vendor Advisory
https://lore.kernel.org/linux-media/20221115131822.6640-4-imv4bel@gmail.com/	Exploit Patch Vendor Advisory
https://security.netapp.com/advisory/ntap-20230113-0006/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-45884
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45884

History

Created	Old Value	New Value	Data Type	Notes
2022-11-25 05:00:23				Added to TrackCVE
2022-12-07 18:03:33	2022-11-25T04:15Z	2022-11-25T04:15:09	CVE Published Date	updated
2022-12-07 18:03:33		2022-11-29T21:00:26	CVE Modified Date	updated
2022-12-07 18:03:33		Analyzed	Vulnerability Status	updated
2022-12-07 18:03:33		CWE-362	Weakness Enumeration	new
2022-12-07 18:03:35			CPE Information	updated
2023-01-13 09:16:30		2023-01-13T09:15:09	CVE Modified Date	updated
2023-01-13 09:16:30	Analyzed	Modified	Vulnerability Status	updated
2023-01-13 09:16:31			References	updated
2023-01-13 17:13:25	Modified	Undergoing Analysis	Vulnerability Status	updated
2023-01-20 21:13:39		2023-01-20T20:18:38	CVE Modified Date	updated
2023-01-20 21:13:39	Undergoing Analysis	Analyzed	Vulnerability Status	updated