Vulnerabilities > CVE-2022-1195 - Use After Free vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e0588c291d6ce225f2b891753ca41d45ba42469
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b2f37aead1b82a770c48b5d583f35ec22aabb61e
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b9111922b1f399aba6ed1e1b8f2079c3da1aed8
- https://bugzilla.redhat.com/show_bug.cgi?id=2056381
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=81b1d548d00bcd028303c4f3150fa753b9b8aa71
- https://www.debian.org/security/2022/dsa-5127
- https://www.debian.org/security/2022/dsa-5173