// For flags

CVE-2022-45919

kernel: use-after-free due to race condition occurring in dvb_ca_en50221.c

Severity Score

7.0
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.

Se descubrió un problema en el kernel de Linux hasta la versión 6.0.10. En drivers/media/dvb-core/dvb_ca_en50221.c, puede ocurrir un use-after-free si hay una desconexión después de una apertura, debido a la falta de un wait_event.

A race condition flaw leading to a use-after-free issue was found in the Linux kernel media subsystem in the DVB CA EN50221 interface of the DVB core device driver. It could occur in the dvb_ca_en50221_release() function if there is a disconnect after an open, because of the lack of a wait_event. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-11-27 CVE Reserved
  • 2022-11-27 CVE Published
  • 2024-06-19 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-416: Use After Free
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Netapp
Search vendor "Netapp"
H410c Firmware
Search vendor "Netapp" for product "H410c Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H410c
Search vendor "Netapp" for product "H410c"
--
Safe
Netapp
Search vendor "Netapp"
H300s Firmware
Search vendor "Netapp" for product "H300s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H300s
Search vendor "Netapp" for product "H300s"
--
Safe
Netapp
Search vendor "Netapp"
H500s Firmware
Search vendor "Netapp" for product "H500s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H500s
Search vendor "Netapp" for product "H500s"
--
Safe
Netapp
Search vendor "Netapp"
H700s Firmware
Search vendor "Netapp" for product "H700s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H700s
Search vendor "Netapp" for product "H700s"
--
Safe
Netapp
Search vendor "Netapp"
H410s Firmware
Search vendor "Netapp" for product "H410s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H410s
Search vendor "Netapp" for product "H410s"
--
Safe
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 2.6.12 < 4.14.317
Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 4.14.317"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.15 < 4.19.285
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 4.19.285"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.20 < 5.4.246
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.246"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.5 < 5.10.183
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.183"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.11 < 5.15.116
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.15.116"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.16 < 6.1.33
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 6.1.33"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 6.2 < 6.3.7
Search vendor "Linux" for product "Linux Kernel" and version " >= 6.2 < 6.3.7"
-
Affected