CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-48867

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Prevent use after free on completion memory On driver unload any pending descriptors are flushed at the time the interrupt is freed: idxd_dmaengine_drv_remove() -> drv_disable_wq() -> idxd_wq_free_irq() -> idxd_flush_pending_descs(). If there are any descriptors present that need to be flushed this flow triggers a "not present" page fault as below: BUG: unable to handle page fault for address: ff391c97c70c9040 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page The address that triggers the fault is the address of the descriptor that was freed moments earlier via: drv_disable_wq()->idxd_wq_free_resources() Fix the use after free by freeing the descriptors after any possible usage. This is done after idxd_wq_reset() to ensure that the memory remains accessible during possible completion writes by the device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.1%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2022-48867

Linux » Linux Kernel » Version: 5.19

cpe:2.3:o:linux:linux_kernel:5.19
Linux » Linux Kernel » Version: 5.19.1

cpe:2.3:o:linux:linux_kernel:5.19.1
Linux » Linux Kernel » Version: 5.19.10

cpe:2.3:o:linux:linux_kernel:5.19.10
Linux » Linux Kernel » Version: 5.19.11

cpe:2.3:o:linux:linux_kernel:5.19.11
Linux » Linux Kernel » Version: 5.19.12

cpe:2.3:o:linux:linux_kernel:5.19.12
Linux » Linux Kernel » Version: 5.19.13

cpe:2.3:o:linux:linux_kernel:5.19.13
Linux » Linux Kernel » Version: 5.19.14

cpe:2.3:o:linux:linux_kernel:5.19.14
Linux » Linux Kernel » Version: 5.19.15

cpe:2.3:o:linux:linux_kernel:5.19.15
Linux » Linux Kernel » Version: 5.19.16

cpe:2.3:o:linux:linux_kernel:5.19.16
Linux » Linux Kernel » Version: 5.19.17

cpe:2.3:o:linux:linux_kernel:5.19.17
Linux » Linux Kernel » Version: 5.19.2

cpe:2.3:o:linux:linux_kernel:5.19.2
Linux » Linux Kernel » Version: 5.19.3

cpe:2.3:o:linux:linux_kernel:5.19.3
Linux » Linux Kernel » Version: 5.19.4

cpe:2.3:o:linux:linux_kernel:5.19.4
Linux » Linux Kernel » Version: 5.19.5

cpe:2.3:o:linux:linux_kernel:5.19.5
Linux » Linux Kernel » Version: 5.19.6

cpe:2.3:o:linux:linux_kernel:5.19.6
Linux » Linux Kernel » Version: 5.19.7

cpe:2.3:o:linux:linux_kernel:5.19.7
Linux » Linux Kernel » Version: 5.19.8

cpe:2.3:o:linux:linux_kernel:5.19.8
Linux » Linux Kernel » Version: 5.19.9

cpe:2.3:o:linux:linux_kernel:5.19.9
Linux » Linux Kernel » Version: 6.0

cpe:2.3:o:linux:linux_kernel:6.0
Linux » Linux Kernel » Version: 6.0.1

cpe:2.3:o:linux:linux_kernel:6.0.1
Linux » Linux Kernel » Version: 6.0.10

cpe:2.3:o:linux:linux_kernel:6.0.10
Linux » Linux Kernel » Version: 6.0.11

cpe:2.3:o:linux:linux_kernel:6.0.11
Linux » Linux Kernel » Version: 6.0.12

cpe:2.3:o:linux:linux_kernel:6.0.12
Linux » Linux Kernel » Version: 6.0.13

cpe:2.3:o:linux:linux_kernel:6.0.13
Linux » Linux Kernel » Version: 6.0.14

cpe:2.3:o:linux:linux_kernel:6.0.14
Linux » Linux Kernel » Version: 6.0.15

cpe:2.3:o:linux:linux_kernel:6.0.15
Linux » Linux Kernel » Version: 6.0.16

cpe:2.3:o:linux:linux_kernel:6.0.16
Linux » Linux Kernel » Version: 6.0.17

cpe:2.3:o:linux:linux_kernel:6.0.17
Linux » Linux Kernel » Version: 6.0.18

cpe:2.3:o:linux:linux_kernel:6.0.18
Linux » Linux Kernel » Version: 6.0.19

cpe:2.3:o:linux:linux_kernel:6.0.19
Linux » Linux Kernel » Version: 6.0.2

cpe:2.3:o:linux:linux_kernel:6.0.2
Linux » Linux Kernel » Version: 6.0.3

cpe:2.3:o:linux:linux_kernel:6.0.3
Linux » Linux Kernel » Version: 6.0.4

cpe:2.3:o:linux:linux_kernel:6.0.4
Linux » Linux Kernel » Version: 6.0.5

cpe:2.3:o:linux:linux_kernel:6.0.5
Linux » Linux Kernel » Version: 6.0.6

cpe:2.3:o:linux:linux_kernel:6.0.6
Linux » Linux Kernel » Version: 6.0.7

cpe:2.3:o:linux:linux_kernel:6.0.7
Linux » Linux Kernel » Version: 6.0.8

cpe:2.3:o:linux:linux_kernel:6.0.8
Linux » Linux Kernel » Version: 6.0.9

cpe:2.3:o:linux:linux_kernel:6.0.9
Linux » Linux Kernel » Version: 6.1

cpe:2.3:o:linux:linux_kernel:6.1
Linux » Linux Kernel » Version: 6.1.1

cpe:2.3:o:linux:linux_kernel:6.1.1
Linux » Linux Kernel » Version: 6.1.2

cpe:2.3:o:linux:linux_kernel:6.1.2
Linux » Linux Kernel » Version: 6.1.3

cpe:2.3:o:linux:linux_kernel:6.1.3
Linux » Linux Kernel » Version: 6.1.4

cpe:2.3:o:linux:linux_kernel:6.1.4
Linux » Linux Kernel » Version: 6.1.5

cpe:2.3:o:linux:linux_kernel:6.1.5
Linux » Linux Kernel » Version: 6.1.6

cpe:2.3:o:linux:linux_kernel:6.1.6
Linux » Linux Kernel » Version: 6.1.7

cpe:2.3:o:linux:linux_kernel:6.1.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-48867

Products

Pricing

Contact Us