PT-2022-4533 · Linux+5 · Linux Kernel+5

Duoming Zhou

·

Published

2022-05-01

·

Updated

2023-08-14

·

CVE-2022-1734

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)
Description A flaw in the Linux Kernel, specifically in the nfcmrvl nci unregister dev() function in drivers/nfc/nfcmrvl/main.c, can lead to use after free, allowing both read and write operations when not synchronized between the cleanup routine and firmware download routine. This issue may impact the confidentiality, integrity, and availability of protected information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2022-2050
ALT-PU-2022-2131
ALT-PU-2022-2152
ALT-PU-2022-2155
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-9816
BDU:2022-05402
CVE-2022-1734
DLA-3065-1
DSA-5173-1
MGASA-2022-0194
MGASA-2022-0195
OESA-2022-1691
OPENSUSE-SU-2022_2111-1
OPENSUSE-SU-2022_2520-1
OPENSUSE-SU-2022_2615-1
SUSE-SU-2022:2077-1
SUSE-SU-2022:2080-1
SUSE-SU-2022:2082-1
SUSE-SU-2022:2083-1
SUSE-SU-2022:2103-1
SUSE-SU-2022:2104-1
SUSE-SU-2022:2111-1
SUSE-SU-2022:2116-1
SUSE-SU-2022:2194-1
SUSE-SU-2022:2195-1
SUSE-SU-2022:2206-1
SUSE-SU-2022:2216-1
SUSE-SU-2022:2217-1
SUSE-SU-2022:2220-1
SUSE-SU-2022:2230-1
SUSE-SU-2022:2239-1
SUSE-SU-2022:2245-1
SUSE-SU-2022:2262-1
SUSE-SU-2022:2276-1
SUSE-SU-2022:2281-1
SUSE-SU-2022:2520-1
SUSE-SU-2022:2615-1
SUSE-SU-2022:2629-1
SUSE-SU-2022:2854-1
SUSE-SU-2022_2206-1
SUSE-SU-2022_2220-1
SUSE-SU-2022_2276-1
SUSE-SU-2022_2281-1
USN-5471-1
USN-5500-1
USN-5505-1
USN-5513-1
USN-5518-1
USN-5560-1
USN-5560-2
USN-5562-1
USN-5564-1
USN-5582-1

Affected Products

Alt Linux
Astra Linux
Linux Kernel
Linuxmint
Suse
Ubuntu