PT-2025-8319 · Linux+2 · Linux Kernel+2

Schspa Shi

Publicado

2022-05-19

Atualizado

2025-05-20

CVE-2022-49385

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free (UAF) issue was found in the Linux kernel. The problem occurs when the driver attach function fails, causing the driver private to be freed while still being part of the bus. This results in a UAF condition.

Recommendations To fix the issue, delete the driver from the bus when the driver attach function fails.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

BDU:2025-10270

CVE-2022-49385

OESA-2025-1465

OPENSUSE-SU-2025_1263-1

RHSA-2025:14744

RHSA-2025:14749

SUSE-SU-2025:01600-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025_01600-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

Produtos afetados

Astra Linux

Linux Kernel

Suse

PT-2025-8319 · Linux+2 · Linux Kernel+2

CVE-2022-49385

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 1509