CVE-2022-48697

2024-05-0300:00:00

ubuntu.com

linux kernel

use-after-free

vulnerability

nvmet

fix

AI Score

6.5

Confidence

Low

EPSS

Percentile

10.3%

JSON

In the Linux kernel, the following vulnerability has been resolved: nvmet:
fix a use-after-free Fix the following use-after-free complaint triggered
by blktests nvme/004: BUG: KASAN: user-memory-access in
blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr
0000607bd1835943 by task kworker/13:1/460 Workqueue: nvmet-wq
nvme_loop_execute_work [nvme_loop] Call Trace: show_stack+0x52/0x58
dump_stack_lvl+0x49/0x5e print_report.cold+0x36/0x1e2
kasan_report+0xb9/0xf0 __asan_load4+0x6b/0x80
blk_mq_complete_request_remote+0xac/0x350
nvme_loop_queue_response+0x1df/0x275 [nvme_loop]
__nvmet_req_complete+0x132/0x4f0 [nvmet] nvmet_req_complete+0x15/0x40
[nvmet] nvmet_execute_io_connect+0x18a/0x1f0 [nvmet]
nvme_loop_execute_work+0x20/0x30 [nvme_loop] process_one_work+0x56e/0xa70
worker_thread+0x2d1/0x640 kthread+0x183/0x1c0 ret_from_fork+0x1f/0x30

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux< anyUNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu22.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws-5.15< anyUNKNOWN
ubuntu18.04noarchlinux-aws-5.4< anyUNKNOWN
ubuntu16.04noarchlinux-aws-hwe< anyUNKNOWN
ubuntu20.04noarchlinux-azure< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws-5.4	< any	UNKNOWN
ubuntu	16.04	noarch	linux-aws-hwe	< any	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< any	UNKNOWN