PT-2025-8203 · Linux+3 · Linux Kernel+3

Hangyu Hua

Published

2023-05-09

Updated

2025-09-29

CVE-2022-49275

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.0.x

Description A use after free issue in the Linux kernel has been resolved. The problem occurred in the m can tx handler() function, where can put echo skb() would clone and then free an skb. To fix this, the can put echo skb() call for version 3.0.x was moved directly before the start of transmission in hardware, similar to the fix in the 3.1.x branch.

Recommendations For Linux kernel version 3.0.x, update the kernel to include the fix that moves the can put echo skb() call before the start of transmission in hardware.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_16880

CVE-2022-49275

OESA-2025-1370

OPENSUSE-SU-2025_1263-1

RHSA-2023:2458

RHSA-2023_2458

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025:1293-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

SUSE-SU-2025_1293-1

Affected Products

Astra Linux

Linux Kernel

Red Hat

Suse

PT-2025-8203 · Linux+3 · Linux Kernel+3

CVE-2022-49275

Weakness Enumeration

Related Identifiers

Affected Products

References · 1522