// For flags

CVE-2022-49685

iio: trigger: sysfs: fix use-after-free on remove

Time Line
Published
2024-03-19
Updated
2024-03-19
Firt exploit
2024-03-19
Overview
Descriptions (1)
MITRE
CWE (0)
CAPEC (-)
Risk
CVSS Score
7.8 High
SSVC
-
KEV
-
EPSS
Affected Products (-)
Vendors (1)
linux
Products (1)
linux_kernel
Versions (8)
>= 3.7 < 4.9.321, >= 3.7 < 4.14.286, >= 3.7 < 4.19.250, >= 3.7 < 5.4.202, >= 3.7 < 5.10.127, >= 3.7 < 5.15.51, >= 3.7 < 5.18.8, >= 3.7 < 5.19
Intel Resources (-)
Advisories (-)
-
Exploits (-)
-
Plugins (-)
-
References (9)
General (1)
kernel
Exploits & POcs (-)
Patches (8)
kernel
Advisories (-)
Summary
Descriptions

In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irq_work_run_list Read of size 8 at addr 0000000064702248 by task python3/25 Call Trace: irq_work_run_list irq_work_tick update_process_times tick_sched_handle tick_sched_timer __hrtimer_run_queues hrtimer_interrupt Allocated by task 25: kmem_cache_alloc_trace iio_sysfs_trig_add dev_attr_store sysfs_kf_write kernfs_fop_write_iter new_sync_write vfs_write ksys_write sys_write Freed by task 25: kfree iio_sysfs_trig_remove dev_attr_store sysfs_kf_write kernfs_fop_write_iter new_sync_write vfs_write ksys_write sys_write ==================================================================

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2025-02-26 CVE Reserved
  • 2025-02-26 CVE Published
  • 2025-02-26 CVE Updated
  • ---------- EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Threat Intelligence Resources (0)
Security Advisory details:

Select an advisory to view details here.

Select an exploit to view details here.

Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.7 < 4.9.321
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 4.9.321"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.7 < 4.14.286
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 4.14.286"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.7 < 4.19.250
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 4.19.250"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.7 < 5.4.202
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 5.4.202"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.7 < 5.10.127
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 5.10.127"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.7 < 5.15.51
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 5.15.51"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.7 < 5.18.8
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 5.18.8"
en
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 3.7 < 5.19
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 5.19"
en
Affected