Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-48962

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-21 Oct, 2024 | 20:05
Updated At-04 May, 2025 | 08:27
Rejected At-
Credits

net: hisilicon: Fix potential use-after-free in hisi_femac_rx()

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:21 Oct, 2024 | 20:05
Updated At:04 May, 2025 | 08:27
Rejected At:
▼CVE Numbering Authority (CNA)
net: hisilicon: Fix potential use-after-free in hisi_femac_rx()

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/net/ethernet/hisilicon/hisi_femac.c
Default Status
unaffected
Versions
Affected
  • From 542ae60af24f02e130e62cb3b7c23163a2350056 before 3501da8eb6d0f5f114a09ec953c54423f6f35885 (git)
  • From 542ae60af24f02e130e62cb3b7c23163a2350056 before 196e12671cb629d9f3b77b4d8bec854fc445533a (git)
  • From 542ae60af24f02e130e62cb3b7c23163a2350056 before aceec8ab752428d8e151321479e82cc1a40fee2e (git)
  • From 542ae60af24f02e130e62cb3b7c23163a2350056 before e71a46cc8c9ad75f3bb0e4b361e81f79c0214cca (git)
  • From 542ae60af24f02e130e62cb3b7c23163a2350056 before 296a50aa8b2982117520713edc1375777a9f8506 (git)
  • From 542ae60af24f02e130e62cb3b7c23163a2350056 before 6f4798ac9c9e98f41553c4f5e6c832c8860a6942 (git)
  • From 542ae60af24f02e130e62cb3b7c23163a2350056 before 8595a2db8eb0ffcbb466eb9f4a7507a5ba06ebb9 (git)
  • From 542ae60af24f02e130e62cb3b7c23163a2350056 before 4640177049549de1a43e9bc49265f0cdfce08cfd (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/net/ethernet/hisilicon/hisi_femac.c
Default Status
affected
Versions
Affected
  • 4.8
Unaffected
  • From 0 before 4.8 (semver)
  • From 4.9.336 through 4.9.* (semver)
  • From 4.14.302 through 4.14.* (semver)
  • From 4.19.269 through 4.19.* (semver)
  • From 5.4.227 through 5.4.* (semver)
  • From 5.10.159 through 5.10.* (semver)
  • From 5.15.83 through 5.15.* (semver)
  • From 6.0.13 through 6.0.* (semver)
  • From 6.1 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/3501da8eb6d0f5f114a09ec953c54423f6f35885
N/A
https://git.kernel.org/stable/c/196e12671cb629d9f3b77b4d8bec854fc445533a
N/A
https://git.kernel.org/stable/c/aceec8ab752428d8e151321479e82cc1a40fee2e
N/A
https://git.kernel.org/stable/c/e71a46cc8c9ad75f3bb0e4b361e81f79c0214cca
N/A
https://git.kernel.org/stable/c/296a50aa8b2982117520713edc1375777a9f8506
N/A
https://git.kernel.org/stable/c/6f4798ac9c9e98f41553c4f5e6c832c8860a6942
N/A
https://git.kernel.org/stable/c/8595a2db8eb0ffcbb466eb9f4a7507a5ba06ebb9
N/A
https://git.kernel.org/stable/c/4640177049549de1a43e9bc49265f0cdfce08cfd
N/A
Hyperlink: https://git.kernel.org/stable/c/3501da8eb6d0f5f114a09ec953c54423f6f35885
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/196e12671cb629d9f3b77b4d8bec854fc445533a
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/aceec8ab752428d8e151321479e82cc1a40fee2e
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/e71a46cc8c9ad75f3bb0e4b361e81f79c0214cca
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/296a50aa8b2982117520713edc1375777a9f8506
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/6f4798ac9c9e98f41553c4f5e6c832c8860a6942
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/8595a2db8eb0ffcbb466eb9f4a7507a5ba06ebb9
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/4640177049549de1a43e9bc49265f0cdfce08cfd
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:21 Oct, 2024 | 20:15
Updated At:24 Oct, 2024 | 19:27

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 4.8(inclusive) to 4.9.336(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 4.10(inclusive) to 4.14.302(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 4.15(inclusive) to 4.19.269(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 4.20(inclusive) to 5.4.227(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.5(inclusive) to 5.10.159(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.11(inclusive) to 5.15.83(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.16(inclusive) to 6.0.13(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.1
cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.1
cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.1
cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.1
cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.1
cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.1
cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.1
cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.1
cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Primarynvd@nist.gov
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/196e12671cb629d9f3b77b4d8bec854fc445533a416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/296a50aa8b2982117520713edc1375777a9f8506416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/3501da8eb6d0f5f114a09ec953c54423f6f35885416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/4640177049549de1a43e9bc49265f0cdfce08cfd416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/6f4798ac9c9e98f41553c4f5e6c832c8860a6942416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/8595a2db8eb0ffcbb466eb9f4a7507a5ba06ebb9416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/aceec8ab752428d8e151321479e82cc1a40fee2e416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/e71a46cc8c9ad75f3bb0e4b361e81f79c0214cca416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Hyperlink: https://git.kernel.org/stable/c/196e12671cb629d9f3b77b4d8bec854fc445533a
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/296a50aa8b2982117520713edc1375777a9f8506
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/3501da8eb6d0f5f114a09ec953c54423f6f35885
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/4640177049549de1a43e9bc49265f0cdfce08cfd
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/6f4798ac9c9e98f41553c4f5e6c832c8860a6942
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/8595a2db8eb0ffcbb466eb9f4a7507a5ba06ebb9
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/aceec8ab752428d8e151321479e82cc1a40fee2e
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/e71a46cc8c9ad75f3bb0e4b361e81f79c0214cca
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

0Records found
Details not found