• CVE-2022-48873

发布时间: 2024年8月30日

修改时间: 2024年8月30日

概要

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Don't remove map on creater_process and device_release Do not remove the map from the list on error path in fastrpc_init_create_process, instead call fastrpc_map_put, to avoid use-after-free. Do not remove it on fastrpc_device_release either, call fastrpc_map_put instead. The fastrpc_free_map is the only proper place to remove the map. This is called only after the reference count is 0.

CVSS v3 指标

NVD openEuler
Confidentiality High Low
Attack Vector Local Local
CVSS评分 7.8 3.9
Attack Complexity Low High
Privileges Required Low High
Scope Unchanged Unchanged
Integrity High Low
User Interaction None None
Availability High Low

安全公告

公告名 概要 发布时间
KylinSec-SA-2024-4977 kernel security update 2025年2月28日

影响产品

产品 状态
KY3.5.2 kernel Fixed