CVE-2022-45886

CVSS V2 None CVSS V3 None

Description

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.

Overview

CVE ID
CVE-2022-45886

Assigner
cve@mitre.org

Vulnerability Status
Analyzed

Published Version
2022-11-25T04:15:09

Last Modified Date
2023-01-20T20:19:27

Weakness Enumerations

CWE	URL
CWE-362	http://cwe.mitre.org/data/definitions/362.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:o:linux:linux_kernel::::::::	1	OR		6.0.9

References

Reference URL	Reference Tags
https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/	Exploit Patch Vendor Advisory
https://lore.kernel.org/linux-media/20221115131822.6640-3-imv4bel@gmail.com/	Exploit Patch Vendor Advisory
https://security.netapp.com/advisory/ntap-20230113-0006/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-45886
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45886

History

Created	Old Value	New Value	Data Type	Notes
2022-11-25 05:00:23				Added to TrackCVE
2022-12-07 18:03:36	2022-11-25T04:15Z	2022-11-25T04:15:09	CVE Published Date	updated
2022-12-07 18:03:36		2022-11-29T20:54:44	CVE Modified Date	updated
2022-12-07 18:03:36		Analyzed	Vulnerability Status	updated
2022-12-07 18:03:36		CWE-362	Weakness Enumeration	new
2022-12-07 18:03:37			CPE Information	updated
2023-01-13 09:16:30		2023-01-13T09:15:10	CVE Modified Date	updated
2023-01-13 09:16:30	Analyzed	Modified	Vulnerability Status	updated
2023-01-13 09:16:32			References	updated
2023-01-13 17:13:25	Modified	Undergoing Analysis	Vulnerability Status	updated
2023-01-20 21:13:39		2023-01-20T20:19:27	CVE Modified Date	updated
2023-01-20 21:13:39	Undergoing Analysis	Analyzed	Vulnerability Status	updated