CVE-2022-48686

MEDIUM Year: 2022
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-416
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sync or corrupted.

Related Vulnerabilities

CVE-2018-14619

MEDIUM
CVSS:6.2(Medium)

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed...

CWE-4162018

CVE-2021-47224

MEDIUM
CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: Make sure to free skb when it is completely used With the skb pointer piggy-backed on the TX BD, we have a simple and...

CWE-4162021

CVE-2021-47375

MEDIUM
CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blk_trace access after removing by sysfs There is an use-after-free problem triggered by following process: P1(...

CWE-4162021

CVE-2022-48674

MEDIUM
CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIG_SMP disabled, KASAN reports as below: =========...

CWE-4162022

CVE-2023-52838

MEDIUM
CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: fbdev: imsttfb: fix a resource leak in probe I've re-written the error handling but the bug is that if init_imstt() fails we need to...

CWE-4162023

CVE-2024-25385

MEDIUM
CVSS:6.2(Medium)

An issue in flvmeta v.1.2.2 allows a local attacker to cause a denial of service via the flvmeta/src/flv.c:375:21 function in flv_close.

CWE-4162024