PT-2022-7645 · Linux+3 · Linux Kernel+3

Sagi Grimberg

Published

2022-02-02

Updated

2025-01-10

CVE-2022-48788

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a use-after-free vulnerability in the nvme rdma error recovery work() function. This vulnerability can be exploited due to a race condition, potentially affecting the confidentiality, integrity, and availability of protected information. The vulnerability occurs when nvme rdma submit async event work checks the controller and queue state before preparing the AER command and scheduling io work. To prevent this race, the error recovery work must flush async event work before destroying the admin queue after setting the controller state to RESETTING.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

AZL-47446

BDU:2024-07753

CVE-2022-48788

OESA-2024-1895

OPENSUSE-SU-2024_2947-1

OPENSUSE-SU-2024_3249-1

SUSE-SU-2024:2894-1

SUSE-SU-2024:2902-1

SUSE-SU-2024:2929-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2947-1

SUSE-SU-2024:3225-1

SUSE-SU-2024:3249-1

SUSE-SU-2024:3559-1

SUSE-SU-2024:3566-1

SUSE-SU-2024:3591-1

SUSE-SU-2024:4100-1

SUSE-SU-2025:0034-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2022-7645 · Linux+3 · Linux Kernel+3

CVE-2022-48788

Weakness Enumeration

Related Identifiers

Affected Products

References · 1737