CVE-2022-48861

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a use-after-free vulnerability in the Linux kernel's vdpa component. When the vp vdpa driver is unbound, vp vdpa is freed in vdpa unregister device, and then vp vdpa->mdev.pci dev is dereferenced in vp modern remove, triggering use-after-free. This can lead to a denial of service. The vulnerability is triggered by the vp vdpa remove function and the vp modern remove function, which dereferences vp vdpa->mdev.pci dev. The do syscall 64, vfs write, kernfs fop write iter, device release driver internal, pci device remove, vdpa unregister device, kobject release, device release, and kfree functions are involved in the call trace of unbinding the driver and freeing vp vdpa. The pci release selected regions, pci release region, pci resource len, pci resource end, and (dev)->resource[(bar)].end functions are involved in the call trace of dereferencing vp vdpa->mdev.pci dev.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.