CVE-2022-48637 – In the Linux kernel, the following vulnerability has been resolved: bnxt: prevent skb …

28 April 2024

Vuln ID: CVE-2022-48637

Published: 2024-04-28 13:15:06.763

Description: In the Linux kernel, the following vulnerability has been resolved:

bnxt: prevent skb UAF after handing over to PTP worker

When reading the timestamp is required bnxt_tx_int() hands
over the ownership of the completed skb to the PTP worker.
The skb should not be used afterwards, as the worker may
run before the rest of our code and free the skb, leading
to a use-after-free.

Since dev_kfree_skb_any() accepts NULL make the loss of
ownership more obvious and set skb to NULL.

Base Score: –

Vector:

Source: NVD.NIST.GOV

Date:

28 April 2024

Categorie(s):

NVD

Tag(s):

NVD

How To Properly Secure SAP Fiori 12 May 2024
Hackers Moving To AI But Lacking Behind The Defenders In Adoption Rates12 May 2024
Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast12 May 2024
Critical infrastructure security will stay poor unless everyone pulls together11 May 2024
RSA Conference 2024 goes beyond AI-powered security to securing AI itself11 May 2024