Use-after-free in Linux kernel iommu driver



| Updated: 2025-05-13
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2022-48796
CWE-ID CWE-416
Exploitation vector Local
Public exploit N/A
Vulnerable software
 Linux kernel
Operating systems & Components / Operating system

Vendor Linux Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Use-after-free

EUVDB-ID: #VU94419

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48796

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dev_iommu_get() function in drivers/iommu/iommu.c. A local user can escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.10 - 5.17 rc12

CPE2.3 External links

https://git.kernel.org/stable/c/cb86e511e78e796de6947b8f3acca1b7c76fb2ff
https://git.kernel.org/stable/c/65ab30f6a6952fa9ee13009862736cf8d110e6e5
https://git.kernel.org/stable/c/f74fc4b5bd533ea3d30ce47cccb8ef8d21fda85a
https://git.kernel.org/stable/c/b54240ad494300ff0994c4539a531727874381f4
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.24
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###