// For flags

CVE-2022-45886

kernel: use-after-free due to race condition occurring in dvb_net.c

Severity Score

7.0
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.

Se descubrió un problema en el kernel de Linux hasta la versión 6.0.9. drivers/media/dvb-core/dvb_net.c tiene una condición de carrera .disconnect versus dvb_device_open que conduce a un use-after-free.

A race condition flaw leading to a use-after-free issue was found in the Linux kernel media subsystem in the dvb_net component of the DVB core device driver. It could occur between the time the device is disconnected (.disconnect function) and the time the device node is opened (dvb_device_open function). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-11-25 CVE Reserved
  • 2022-11-25 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
  • CWE-416: Use After Free
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Netapp
Search vendor "Netapp"
H410c Firmware
Search vendor "Netapp" for product "H410c Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H410c
Search vendor "Netapp" for product "H410c"
--
Safe
Netapp
Search vendor "Netapp"
H300s Firmware
Search vendor "Netapp" for product "H300s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H300s
Search vendor "Netapp" for product "H300s"
--
Safe
Netapp
Search vendor "Netapp"
H500s Firmware
Search vendor "Netapp" for product "H500s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H500s
Search vendor "Netapp" for product "H500s"
--
Safe
Netapp
Search vendor "Netapp"
H700s Firmware
Search vendor "Netapp" for product "H700s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H700s
Search vendor "Netapp" for product "H700s"
--
Safe
Netapp
Search vendor "Netapp"
H410s Firmware
Search vendor "Netapp" for product "H410s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H410s
Search vendor "Netapp" for product "H410s"
--
Safe
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 2.6.12 < 4.19.285
Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 4.19.285"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.20 < 5.4.246
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.246"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.5 < 5.10.183
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.183"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.11 < 5.15.116
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.15.116"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.16 < 6.1.33
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 6.1.33"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 6.2 < 6.3.7
Search vendor "Linux" for product "Linux Kernel" and version " >= 6.2 < 6.3.7"
-
Affected