CVE-2022-45888

An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.
References
Link Resource
https://lore.kernel.org/all/20221022175404.GA375335@ubuntu/ Exploit Patch Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

29 Nov 2022, 20:48

Type Values Removed Values Added
CWE CWE-416
CWE-362
First Time Linux linux Kernel
Linux
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.4
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
References (MISC) https://lore.kernel.org/all/20221022175404.GA375335@ubuntu/ - (MISC) https://lore.kernel.org/all/20221022175404.GA375335@ubuntu/ - Exploit, Patch, Vendor Advisory

25 Nov 2022, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-11-25 04:15

Updated : 2022-11-29 20:48


NVD link : CVE-2022-45888

Mitre link : CVE-2022-45888


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')