CVE-2022-1734

Published: May 18, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.

Vendor	Product	Versions
n/a	kernel	affected `Linux kernel versions prior to 5.18-rc6`

Weaknesses (CWE)

CWE-416

References

https://github.com/torvalds/linux/commit/d270453a0d9ec10bb8a802a142fb1b3601a83098

x_refsource_MISC

[oss-security] 20220605 Re: Linux kernel: UAF, null-ptr-deref and double-free vulnerabilities in nfcmrvl module

mailing-list

x_refsource_MLIST

[oss-security] 20220609 Re: Linux kernel: UAF, null-ptr-deref and double-free vulnerabilities in nfcmrvl module

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update

mailing-list

x_refsource_MLIST

DSA-5173

vendor-advisory

x_refsource_DEBIAN

https://security.netapp.com/advisory/ntap-20220707-0007/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-1734

Description

Affected Products

Weaknesses (CWE)

References