CVE-2022-48695

scsi: mpt3sas: Fix use-after-free warning

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during
controller reset: refcount_t: underflow; use-after-free.
WARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: mpt3sas: Corrija la advertencia de use-after-free. Corrija la siguiente advertencia de use-after-free que se observa durante el reinicio del controlador: refcount_t: underflow; use-after-free. ADVERTENCIA: CPU: 23 PID: 5399 en lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0

A user after-free vulnerability was found in the Linux kernel in the refcount_t variable when performing the controller reset. This issue could lead to denial of service of the system.

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcount_t: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-03 CVE Reserved
2024-05-03 CVE Published
2024-12-19 CVE Updated
2025-03-18 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/b8fc9e91b931215110ba824d1a2983c5f60b6f82	2022-09-15
https://git.kernel.org/stable/c/d4959d09b76eb7a4146f5133962b88d3bddb63d6	2022-09-15
https://git.kernel.org/stable/c/82efb917eeb27454dc4c6fe26432fc8f6c75bc16	2022-09-15
https://git.kernel.org/stable/c/5682c94644fde72f72bded6580c38189ffc856b5	2022-09-15
https://git.kernel.org/stable/c/ea10a652ad2ae2cf3eced6f632a5c98f26727057	2022-09-15
https://git.kernel.org/stable/c/6229fa494a5949be209bc73afbc5d0a749c2e3c7	2022-09-15
https://git.kernel.org/stable/c/41acb064c4e013808bc7d5fc1b506fa449425b0b	2022-09-15
https://git.kernel.org/stable/c/991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34	2022-09-07

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2022-48695	2024-11-13
https://bugzilla.redhat.com/show_bug.cgi?id=2278999	2024-11-13

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.9.328 Search vendor "Linux" for product "Linux Kernel" and version " < 4.9.328"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.14.293 Search vendor "Linux" for product "Linux Kernel" and version " < 4.14.293"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.19.258 Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.258"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.4.213 Search vendor "Linux" for product "Linux Kernel" and version " < 5.4.213"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.10.143 Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.143"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.15.68 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15.68"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.19.9 Search vendor "Linux" for product "Linux Kernel" and version " < 5.19.9"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.0 Search vendor "Linux" for product "Linux Kernel" and version " < 6.0"		en		Affected