CVE-2022-49182

HIGH EPSS 16.4%
Published Feb 26, 20251y ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: hns3: add vlan list lock to protect vlan list When adding port base VLAN, vf VLAN need to remove from HW and modify the vlan state in vf VLAN list as false. If the periodicity task is freeing the same node, it may cause "use after free" error. This patch adds a vlan list lock to protect the vlan list.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
16.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥5.1  –  <5.15.33
linuxlinux_kernel*≥5.16  –  <5.16.19
linuxlinux_kernel*≥5.17  –  <5.17.2

References 4

  • git.kernel.org https://git.kernel.org/stable/c/09e383ca97e798f9954189b741af54b5c51e7a97
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1932a624ab88ff407d1a1d567fe581faa15dc725
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/30f0ff7176efe8ac6c55f85bce26ed58bb608758
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f58af41deeab0f45c9c80adf5f2de489ebbac3dd
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/09e383ca97e798f9954189b741af54b5c51e7a97
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1932a624ab88ff407d1a1d567fe581faa15dc725
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/30f0ff7176efe8ac6c55f85bce26ed58bb608758
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f58af41deeab0f45c9c80adf5f2de489ebbac3dd
    Patch