CVE-2022-48787
Published: Jul 16, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which then in iwlwifi calls iwl_drv_stop(), freeing the 'drv' struct. However the new code I added will still erroneously access it after it was freed. Set 'failure=false' in this case to avoid the access, all data was already freed anyway.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8e10749fa1a454c1e7214f36cec83241f5a36ef1 - < d3b98fe36f8a06ce654049540773256ab59cb53daffected 1d7cc54137a4f28506dc7beac235b240b08f4e59 - < 7d6475179b85a83186ccce59cdc359d4f07d0bcbaffected 0446cafa843e6db4982731c167e11c80d42be7e2 - < 494de920d98f125b099f27a2d274850750aff957affected febab6b60d61d13cd9f30a2991deea56df39567d - < 008508c16af0087cda0394e1ac6f0493b01b6063affected e23f075d77987de4215c8e0696f28bcc707506f7 - < ddd46059f7d99119b62d44c519df7a79f2e6a515+2 more versions |
Linux | Linux | affected 4.14.263 - < 4.14.268affected 4.19.226 - < 4.19.231affected 5.4.174 - < 5.4.181affected 5.10.94 - < 5.10.102affected 5.15.17 - < 5.15.25+1 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now