VIR Vulnerability Intelligence Relay

CVE-2022-49127

unknown
Published — · Modified —
CVSS v3
VIR risk

Description

In the Linux kernel, the following vulnerability has been resolved: ref_tracker: implement use-after-free detection Whenever ref_tracker_dir_init() is called, mark the struct ref_tracker_dir as dead. Test the dead status from ref_tracker_alloc() and ref_tracker_free() This should detect buggy dev_put()/dev_hold() happening too late in netdevice dismantle process.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact
OSVersionStatusFixed in
suse slesaffected
debian debianbookwormfixed5.17.3-1
debian debianbullseyefixed0
debian debianforkyfixed5.17.3-1
debian debiansidfixed5.17.3-1
debian debiantrixiefixed5.17.3-1

References

💬 Discuss CVE-2022-49127 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.