CVE-2022-49114

Severity: HIGH (CVSS 3.1 base score 7.8)
EPSS: 19.5%
Published: Feb 26, 2025
Last Modified: Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: libfc: Fix use after free in fc_exch_abts_resp()

fc_exch_release(ep) will decrease the ep's reference count. When the reference count reaches zero, it is freed. But ep is still used in the following code, which will lead to a use after free.

Return after the fc_exch_release() call to avoid use after free.

CVSS Details

Base Score: 7.8
Exploitability: 1.8
Impact: 5.9
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability: 19.5% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 8

Vendor   Product        Version   Range
linux    linux_kernel   *         <4.9.311
linux    linux_kernel   *         ≥4.10 – <4.14.276
linux    linux_kernel   *         ≥4.15 – <4.19.238
linux    linux_kernel   *         ≥4.20 – <5.4.189
linux    linux_kernel   *         ≥5.5 – <5.10.111
linux    linux_kernel   *         ≥5.11 – <5.15.34
linux    linux_kernel   *         ≥5.16 – <5.16.20
linux    linux_kernel   *         ≥5.17 – <5.17.3

References 9

  • git.kernel.org https://git.kernel.org/stable/c/1d7effe5fff9d28e45e18ac3a564067c7ddfe898
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/271add11994ba1a334859069367e04d2be2ebdd4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/412dd8299b02e4410fe77b8396953c1a8dde183a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/499d198494e77b6533251b9b909baf5c101129cb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4a131d4ea8b581ac9b01d3a72754db4848be3232
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5cf2ce8967b0d98c8cfa4dc42ef4fcf080f5c836
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6044ad64f41c87382cfeeca281573d1886d80cbe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/87909291762d08fdb60d19069d7a89b5b308d0ef
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f581df412bc45c95176e3c808ee2839c05b2ab0c
    Patch

Remediation

  • The nine git.kernel.org stable patches listed under References.