CVE-2022-49025

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49025

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49025.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-49025

Downstream

DEBIAN-CVE-2022-49025

SUSE-SU-2024:3983-1

SUSE-SU-2024:3985-1

SUSE-SU-2024:4081-1

SUSE-SU-2024:4082-1

SUSE-SU-2024:4103-1

SUSE-SU-2024:4131-1

SUSE-SU-2024:4140-1

SUSE-SU-2024:4364-1

SUSE-SU-2025:1114-1

SUSE-SU-2025:1119-1

SUSE-SU-2025:1121-1

SUSE-SU-2025:1123-1

SUSE-SU-2025:1139-1

UBUNTU-CVE-2022-49025

Related

Published

2024-10-21T20:15:13Z

Modified

2025-08-09T19:01:28Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: Fix use-after-free when reverting termination table

When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the assignment in attr->dests[numvportdests].termtbl which case a use-after-free when releasing the rule. Fix by resetting the assignment of termtbl to null.

References

Affected packages