CVE-2022-49025

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49025
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49025.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49025
Downstream
Related
Published
2024-10-21T20:15:13Z
Modified
2025-08-09T19:01:28Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: Fix use-after-free when reverting termination table

When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the assignment in attr->dests[numvportdests].termtbl which case a use-after-free when releasing the rule. Fix by resetting the assignment of termtbl to null.

References

Affected packages