PT-2022-4886 · Linux+8 · Linux Kernel+8

Hyunwoo Kim

·

Published

2022-09-08

·

Updated

2025-12-08

·

CVE-2022-41218

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.19.10
Description The issue is related to the use of memory after it has been freed in the Linux kernel's dvb-core module, specifically affecting the dvb demux open() and dvb dmxdev release() functions. This is caused by refcount races when handling the dvbdev->users and dvr dvbdev->users parameters. Exploitation of this issue could allow an attacker to cause a denial of service.
Recommendations For Linux kernel versions through 5.19.10, update to a version that includes the fix for this issue to prevent potential exploitation. As a temporary workaround, consider restricting access to the vulnerable dvb demux open() and dvb dmxdev release() functions until a patch is available.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2023:2736
ALSA-2023:2951
ALSA-2024_2394
ALSA-2025_16880
ALSA-2025_22800
ALSA-2025_22801
ALT-PU-2022-2666
ALT-PU-2022-2691
ALT-PU-2022-2915
ALT-PU-2022-2919
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-10984
BDU:2022-06029
CESA-2023_2736
CESA-2023_2951
CVE-2022-41218
DLA-3349-1
DLA-3403-1
DSA-5324-1
ELSA-2023-12196
ELSA-2023-12199
ELSA-2023-12200
ELSA-2023-12206
ELSA-2023-12207
ELSA-2023-12688
ELSA-2023-2951
MGASA-2023-0007
MGASA-2023-0008
OESA-2022-2161
OESA-2022-2162
OESA-2023-1013
OPENSUSE-SU-2022_3585-1
OPENSUSE-SU-2022_3609-1
OPENSUSE-SU-2022_3693-1
OPENSUSE-SU-2022_3775-1
OPENSUSE-SU-2022_3844-1
OPENSUSE-SU-2022_4617-1
OPENSUSE-SU-2024:12373-1
OPENSUSE-SU-2024:13704-1
RHSA-2023:2736
RHSA-2023:2951
RHSA-2023_2736
RHSA-2023_2951
RHSA-2024:0412
SUSE-SU-2022:3584-1
SUSE-SU-2022:3585-1
SUSE-SU-2022:3586-1
SUSE-SU-2022:3587-1
SUSE-SU-2022:3599-1
SUSE-SU-2022:3609-1
SUSE-SU-2022:3688-1
SUSE-SU-2022:3693-1
SUSE-SU-2022:3704-1
SUSE-SU-2022:3775-1
SUSE-SU-2022:3779-1
SUSE-SU-2022:3809-1
SUSE-SU-2022:3810-1
SUSE-SU-2022:3844-1
SUSE-SU-2022:4506-1
SUSE-SU-2022:4513-1
SUSE-SU-2022:4516-1
SUSE-SU-2022:4518-1
SUSE-SU-2022:4520-1
SUSE-SU-2022:4527-1
SUSE-SU-2022:4528-1
SUSE-SU-2022:4533-1
SUSE-SU-2022:4534-1
SUSE-SU-2022:4543-1
SUSE-SU-2022:4544-1
SUSE-SU-2022:4545-1
SUSE-SU-2022:4550-1
SUSE-SU-2022:4551-1
SUSE-SU-2022:4559-1
SUSE-SU-2022:4562-1
SUSE-SU-2022:4569-1
SUSE-SU-2022:4577-1
SUSE-SU-2022:4580-1
SUSE-SU-2022:4587-1
SUSE-SU-2022:4595-1
SUSE-SU-2022:4617-1
SUSE-SU-2022_3585-1
SUSE-SU-2022_3599-1
SUSE-SU-2022_3688-1
SUSE-SU-2022_3693-1
SUSE-SU-2022_3704-1
SUSE-SU-2022_3775-1
SUSE-SU-2022_3779-1
SUSE-SU-2022_3844-1
SUSE-SU-2022_4506-1
SUSE-SU-2022_4513-1
SUSE-SU-2022_4516-1
SUSE-SU-2022_4518-1
SUSE-SU-2022_4520-1
SUSE-SU-2022_4527-1
SUSE-SU-2022_4528-1
SUSE-SU-2022_4533-1
SUSE-SU-2022_4534-1
SUSE-SU-2022_4543-1
SUSE-SU-2022_4544-1
SUSE-SU-2022_4550-1
SUSE-SU-2022_4551-1
SUSE-SU-2022_4559-1
SUSE-SU-2022_4562-1
SUSE-SU-2022_4569-1
SUSE-SU-2022_4577-1
SUSE-SU-2022_4580-1
SUSE-SU-2022_4587-1
SUSE-SU-2023:0416-1
USN-5915-1
USN-5917-1
USN-5924-1
USN-5927-1
USN-5934-1
USN-5939-1
USN-5940-1
USN-5951-1
USN-5975-1
USN-5981-1
USN-5982-1
USN-5984-1
USN-5987-1
USN-5991-1
USN-6000-1
USN-6001-1
USN-6004-1
USN-6009-1
USN-6013-1
USN-6014-1
USN-6024-1
USN-6030-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu