Lucene search

Redhat.comRH:CVE-2022-48626

HistoryFeb 26, 2024 - 11:31 a.m.

CVE-2022-48626

2024-02-2611:31:42

redhat.com

access.redhat.com

linux kernel

cve-2022-48626

moxart driver

use-after-free

vulnerability

mmc host structure

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

High

EPSS

Percentile

5.1%

JSON

A use-after-free flaw was found in the Linux kernel’s MOXART SD/MMC Host Controller driver. This flaw allows a local user to crash the system.

Mitigation

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

References

bugzilla.redhat.com/show_bug.cgi?id=2266029

lore.kernel.org/linux-cve-announce/2024022558-CVE-2022-48626-8a90@gregkh/T/#u

nvd.nist.gov/vuln/detail/CVE-2022-48626

www.cve.org/CVERecord?id=CVE-2022-48626

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for RH:CVE-2022-48626