Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.8, < 4.9.336 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/196e12671cb629d9f3b77b4d8bec854fc445533aPatch
- https://git.kernel.org/stable/c/296a50aa8b2982117520713edc1375777a9f8506Patch
- https://git.kernel.org/stable/c/3501da8eb6d0f5f114a09ec953c54423f6f35885Patch
- https://git.kernel.org/stable/c/4640177049549de1a43e9bc49265f0cdfce08cfdPatch
- https://git.kernel.org/stable/c/6f4798ac9c9e98f41553c4f5e6c832c8860a6942Patch
- https://git.kernel.org/stable/c/8595a2db8eb0ffcbb466eb9f4a7507a5ba06ebb9Patch
- https://git.kernel.org/stable/c/aceec8ab752428d8e151321479e82cc1a40fee2ePatch
- https://git.kernel.org/stable/c/e71a46cc8c9ad75f3bb0e4b361e81f79c0214ccaPatch
FAQ
What is CVE-2022-48962?
CVE-2022-48962 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, afte...
How severe is CVE-2022-48962?
CVE-2022-48962 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-48962?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.