QwikSec

Security Database

CVE

CWE

Training

CVE-2022-0487

Published: Feb 4, 2022

Modified: Aug 2, 2024

PUBLISHED

Description

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

Vendor	Product	Versions
n/a	kernel	affected `kernel 5.14 rc1`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2044561

x_refsource_MISC

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39

x_refsource_MISC

[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2022-0487 - Security Vulnerability | QwikSec