oss-sec mailing list archives

Re: CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem

From: "Mike O'Connor" <mjo () dojo mi org>
Date: Mon, 11 Apr 2022 12:39:44 -0400

:On Mon, Apr 11, 2022 at 04:20:56PM +0800, Felix Fu wrote:
:> Hello, I Request a CVE from MITRE.
:> 
:> Description: The SUNRPC subsystem in the Linux kernel through 5.17.2 can
:> call xs_xprt_free before ensuring that sockets are in the intended state.
:> Details: Use after free happens in inet_put_port because some sockets are
:> not close before xs_xprt_free().
:> CVE-ID: CVE-2022-28893  (
:> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28893)
:> Fix:
:> 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1a3b1bba7c7a5eb8a11513cf88427cb9d77bc60a
:
:This is a merge commit, not the actual commit that fixed the issue :(

https://github.com/torvalds/linux/commit/f00432063db1a0db484e85193eccc6845435b80e

appears to be the actual commit that fixed the issue.

-Mike

-- 
 Michael J. O'Connor                                          mjo () dojo mi org
 =--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--=
"Holy one-track Batcomputer mind!!!"                   -Robin, the Boy Wonder

Current thread:

CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem Felix Fu (Apr 11)
- Re: CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem Greg KH (Apr 11)
  - Re: CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem Mike O'Connor (Apr 11)