Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy().
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 3.9, < 4.9.337 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/034cbc8d3b47a56acd89453c29632a9c117de09dPatch
- https://git.kernel.org/stable/c/2b17026685a270b2beaf1cdd9857fcedd3505c7ePatch
- https://git.kernel.org/stable/c/2f097dfac7579fd84ff98eb1d3acd41d53a485f3Patch
- https://git.kernel.org/stable/c/4d20032dd90664de09f2902a7ea49ae2f7771746Patch
- https://git.kernel.org/stable/c/6a3e412c2ab131c54945327a7676b006f000a209Patch
- https://git.kernel.org/stable/c/6a459d8edbdbe7b24db42a5a9f21e6aa9e00c2aaPatch
- https://git.kernel.org/stable/c/6ac4f36910764cb510bafc4c3768544f86ca48caPatch
- https://git.kernel.org/stable/c/993406104d2b28fe470126a062ad37a1e21e792ePatch
- https://git.kernel.org/stable/c/d2a0b298ebf83ab6236f66788a3541e91ce75a70Patch
FAQ
What is CVE-2022-50496?
CVE-2022-50496 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore...
How severe is CVE-2022-50496?
CVE-2022-50496 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-50496?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.