Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved:

net: hisilicon: Fix potential use-after-free in hix5hd2_rx()

The skb is delivered to napi_gro_receive(), which may free it; dereferencing skb after this call may trigger a use-after-free.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 3.16, < 4.9.336 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/179499e7a240b2ef590f05eb379c810c26bbc8a4 (Patch)
- https://git.kernel.org/stable/c/1b6360a093ab8969c91a30bb58b753282e2ced4c (Patch)
- https://git.kernel.org/stable/c/3a4eddd1cb023a71df4152fcc76092953e6fe95a (Patch)
- https://git.kernel.org/stable/c/433c07a13f59856e4585e89e86b7d4cc59348fab (Patch)
- https://git.kernel.org/stable/c/8067cd244cea2c332f8326842fd10158fa2cb64f (Patch)
- https://git.kernel.org/stable/c/93aaa4bb72e388f6a4887541fd3d18b84f1b5ddc (Patch)
- https://git.kernel.org/stable/c/b6307f7a2fc1c5407b6176f2af34a95214a8c262 (Patch)
- https://git.kernel.org/stable/c/b8ce0e6f9f88a6bb49d291498377e61ea27a5387 (Patch)
FAQ
What is CVE-2022-48960?
CVE-2022-48960 is a Linux kernel vulnerability with a CVSS score of 7.8 (HIGH). It is a potential use-after-free in hix5hd2_rx() in the hisilicon network driver: the skb is delivered to napi_gro_receive(), which may free it, so dereferencing skb after that call may trigger a use-after-free.
How severe is CVE-2022-48960?
CVE-2022-48960 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2022-48960?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.