Use-after-free in Linux kernel vdpa virtio_pci driver



| Updated: 2025-05-13
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2022-48861
CWE-ID CWE-416
Exploitation vector Local
Public exploit N/A
Vulnerable software
 Linux kernel
Operating systems & Components / Operating system

Vendor Linux Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Use-after-free

EUVDB-ID: #VU94410

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48861

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vp_vdpa_remove() function in drivers/vdpa/virtio_pci/vp_vdpa.c. A local user can escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.15 - 5.17 rc12

CPE2.3 External links

https://git.kernel.org/stable/c/4b1743bc715a3691a63ac21b349079b07bf1b19e
https://git.kernel.org/stable/c/dc54ba9932aeaaa1a21fe214af1f446593a78274
https://git.kernel.org/stable/c/eb057b44dbe35ae14527830236a92f51de8f9184
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.29
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.15
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###