CVE-2022-48990

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a use-after-free vulnerability in the Linux kernel, specifically in the amdgpu module. This vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability is associated with the amdgpu job free cb() function in the drivers/gpu/drm/amd/amdgpu/amdgpu job.c file. The fw fence may not be initialized, and it is necessary to check if dma fence init is performed before job free. The vulnerability can be exploited during GPU recovery.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.