PT-2022-7273 · Linux+8 · Linux Kernel+8

Xu Wang

·

Published

2022-06-16

·

Updated

2025-01-21

·

CVE-2019-25162

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a potential use after free in the i2c module of the Linux kernel. This could allow an attacker to impact the confidentiality, integrity, and availability of protected information. The problem is fixed by moving the put device() call to avoid the use after free.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2024:3618
ALSA-2024:3627
BDU:2024-01697
CESA-2024_3618
CESA-2024_3627
CVE-2019-25162
INFSA-2024_3618
INFSA-2024_3627
INFSA-2024_9315
OPENSUSE-SU-2024_0857-1
OPENSUSE-SU-2024_0858-1
RHSA-2024:3618
RHSA-2024:3627
RHSA-2024:9315
RHSA-2024_3618
RHSA-2024_3627
RHSA-2024_9315
RHSA-2025:2270
RLSA-2024:3618
RLSA-2024:3627
SUSE-SU-2024:0855-1
SUSE-SU-2024:0856-1
SUSE-SU-2024:0857-1
SUSE-SU-2024:0858-1
SUSE-SU-2024:0900-1
SUSE-SU-2024:0900-2
SUSE-SU-2024:0910-1
SUSE-SU-2024:0925-1
SUSE-SU-2024:0926-1
SUSE-SU-2024:0975-1
SUSE-SU-2024:0976-1
SUSE-SU-2024:0977-1
SUSE-SU-2024_0855-1
SUSE-SU-2024_0857-1
SUSE-SU-2024_0858-1
SUSE-SU-2024_0900-1
SUSE-SU-2024_0910-1
SUSE-SU-2024_0925-1
SUSE-SU-2024_0926-1
SUSE-SU-2024_0975-1
SUSE-SU-2024_0976-1
USN-6739-1

Affected Products

Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu