CVE-2022-49388

Published: Feb 26, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved:

ubi: ubi_create_volume: Fix use-after-free when volume creation failed

There is a use-after-free problem for 'eba_tbl' in ubi_create_volume()'s error handling path:

  ubi_eba_replace_table(vol, eba_tbl)
    vol->eba_tbl = tbl
out_mapping:
  ubi_eba_destroy_table(eba_tbl)   // Free 'eba_tbl'
out_unlock:
  put_device(&vol->dev)
    vol_release
      kfree(tbl->entries)          // UAF

Fix it by removing redundant 'eba_tbl' releasing. Fetch a reproducer in [Link].

Vendor: Linux
Product: Linux
Versions:

affected: 493cfaeaa0c9bc0c79ce5751193d49fdac9aaaec - < 25ff1e3a1351c0d936dd1ac2f9e58231ea1510c9
affected: 493cfaeaa0c9bc0c79ce5751193d49fdac9aaaec - < abb67043060f2bf4c03d7c3debb9ae980e2b6db3
affected: 493cfaeaa0c9bc0c79ce5751193d49fdac9aaaec - < 8302620aeb940f386817321d272b12411ae7d39f
affected: 493cfaeaa0c9bc0c79ce5751193d49fdac9aaaec - < 6d8d3f68cbecfd31925796f0fb668eb21ab06734
affected: 493cfaeaa0c9bc0c79ce5751193d49fdac9aaaec - < 5ff2514e4fb55dcf3d88294686040ca73ea0c1a2

+3 more versions

Vendor: Linux
Product: Linux
Versions:

affected: 4.12
unaffected: 0 - < 4.12
unaffected: 4.14.283 - <= 4.14.*
unaffected: 4.19.247 - <= 4.19.*
unaffected: 5.4.198 - <= 5.4.*

+5 more versions
