PT-2022-6250 · Linux+8 · Linux Kernel+8

Hyunwoo Kim

·

Published

2022-11-15

·

Updated

2026-03-13

·

CVE-2022-45884

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 6.0.9
Description An issue was discovered in the Linux kernel, related to a use-after-free in drivers/media/dvb-core/dvbdev.c. This is connected to dvb register device dynamically allocating fops. The exploitation of this issue may allow an attacker to cause a denial of service or elevate their privileges.
Recommendations For Linux kernel versions through 6.0.9, consider updating to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-362

Related Identifiers

ALSA-2023:7549
ALT-PU-2022-3220
ALT-PU-2022-3303
ALT-PU-2022-3364
ALT-PU-2022-3371
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-11483
BDU:2023-00647
CESA-2023_7548
CESA-2023_7549
CVE-2022-45884
ECHO-A809-292D-4B38
OESA-2023-1841
OESA-2023-1842
OESA-2023-1843
OESA-2023-1844
OESA-2023-1845
OPENSUSE-SU-2023_2646-1
OPENSUSE-SU-2023_2871-1
OPENSUSE-SU-2024:12994-1
OPENSUSE-SU-2024:13704-1
RHSA-2023:7398
RHSA-2023:7539
RHSA-2023:7548
RHSA-2023:7549
RHSA-2023_7548
RHSA-2023_7549
RLSA-2023:7548
RLSA-2023:7549
RXSA-2023:7549
SUSE-SU-2023:2500-1
SUSE-SU-2023:2501-1
SUSE-SU-2023:2502-1
SUSE-SU-2023:2507-1
SUSE-SU-2023:2534-1
SUSE-SU-2023:2537-1
SUSE-SU-2023:2538-1
SUSE-SU-2023:2611-1
SUSE-SU-2023:2646-1
SUSE-SU-2023:2651-1
SUSE-SU-2023:2653-1
SUSE-SU-2023:2782-1
SUSE-SU-2023:2805-1
SUSE-SU-2023:2809-1
SUSE-SU-2023:2871-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linux Kernel
Red Hat
Rocky Linux
Suse