CVE-2022-49385

In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driver_attach failed When driver_attach(drv); failed, the driver_private will be freed. But it has been added to the bus, which caused a UAF. To fix it, we need to delete it from the bus when failed.

CVSS

No CVSS.

References

Link	Resource
https://git.kernel.org/stable/c/310862e574001a97ad02272bac0fd13f75f42a27	Patch
https://git.kernel.org/stable/c/5389101257828d1913d713d9a40acbe14f5961df	Patch
https://git.kernel.org/stable/c/5d709f58c743166fe1c6914b9de0ae8868600d9b	Patch
https://git.kernel.org/stable/c/823f24f2e329babd0330200d0b74882516fe57f4	Patch
https://git.kernel.org/stable/c/c059665c84feab46b7173d3a1bf36c2fb7f9df86	Patch
https://git.kernel.org/stable/c/cdf1a683a01583bca4b618dd16223cbd6e462e21	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

25 Mar 2025, 14:58

Type	Values Removed	Values Added
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel::::::::
References	~~() https://git.kernel.org/stable/c/823f24f2e329babd0330200d0b74882516fe57f4 -~~	() https://git.kernel.org/stable/c/823f24f2e329babd0330200d0b74882516fe57f4 - Patch
References	~~() https://git.kernel.org/stable/c/c059665c84feab46b7173d3a1bf36c2fb7f9df86 -~~	() https://git.kernel.org/stable/c/c059665c84feab46b7173d3a1bf36c2fb7f9df86 - Patch
References	~~() https://git.kernel.org/stable/c/310862e574001a97ad02272bac0fd13f75f42a27 -~~	() https://git.kernel.org/stable/c/310862e574001a97ad02272bac0fd13f75f42a27 - Patch
References	~~() https://git.kernel.org/stable/c/5d709f58c743166fe1c6914b9de0ae8868600d9b -~~	() https://git.kernel.org/stable/c/5d709f58c743166fe1c6914b9de0ae8868600d9b - Patch
References	~~() https://git.kernel.org/stable/c/cdf1a683a01583bca4b618dd16223cbd6e462e21 -~~	() https://git.kernel.org/stable/c/cdf1a683a01583bca4b618dd16223cbd6e462e21 - Patch
References	~~() https://git.kernel.org/stable/c/5389101257828d1913d713d9a40acbe14f5961df -~~	() https://git.kernel.org/stable/c/5389101257828d1913d713d9a40acbe14f5961df - Patch

26 Feb 2025, 07:01

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-26 07:01

Updated : 2025-03-25 14:58

NVD link : CVE-2022-49385

Mitre link : CVE-2022-49385

JSON object : View

Products Affected

linux

linux_kernel

CWE

No CWE.

JSON object

Attach tags to CVE-2022-49385

Attach tags to `CVE-2022-49385`