CVE-2022-48783

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48783
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48783.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48783
Downstream
Related
Published
2024-07-16T11:13:19Z
Modified
2025-10-08T06:09:09.014501Z
Summary
net: dsa: lantiq_gswip: fix use after free in gswip_remove()
Details

In the Linux kernel, the following vulnerability has been resolved:

net: dsa: lantiqgswip: fix use after free in gswipremove()

ofnodeput(priv->ds->slavemiibus->dev.ofnode) should be done before mdiobusfree(priv->ds->slavemiibus).

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e177d2e85ebcd3008c4b2abc293f4118e04eedef
Fixed
f48bd34137718042872d06f2c7332b3267a29165
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
b5652bc50dde7b84e93dfb25479b64b817e377c1
Fixed
df2495f329b08ac0d0d3e6334a01955ae839005e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2443ba2fe396bdde187a2fdfa6a57375643ae93c
Fixed
c61f599b8d33adfa256126a6695c734c0de331cb
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0d120dfb5d67edc5bcd1804e167dba2b30809afd
Fixed
8c6ae46150a453f8ae9a6cd49b45f354f478587d

Affected versions

v5.*

v5.10.101
v5.15.24
v5.16.10
v5.17-rc3

Database specific 

{
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "digest": {
                "length": 523.0,
                "function_hash": "305906641279867588242273542385361073741"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@df2495f329b08ac0d0d3e6334a01955ae839005e",
            "deprecated": false,
            "target": {
                "file": "drivers/net/dsa/lantiq_gswip.c",
                "function": "gswip_remove"
            },
            "signature_type": "Function",
            "id": "CVE-2022-48783-0b50c268"
        },
        {
            "signature_version": "v1",
            "digest": {
                "length": 523.0,
                "function_hash": "305906641279867588242273542385361073741"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8c6ae46150a453f8ae9a6cd49b45f354f478587d",
            "deprecated": false,
            "target": {
                "file": "drivers/net/dsa/lantiq_gswip.c",
                "function": "gswip_remove"
            },
            "signature_type": "Function",
            "id": "CVE-2022-48783-0d20b27e"
        },
        {
            "signature_version": "v1",
            "digest": {
                "length": 471.0,
                "function_hash": "59072526909311695181498159883595988208"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f48bd34137718042872d06f2c7332b3267a29165",
            "deprecated": false,
            "target": {
                "file": "drivers/net/dsa/lantiq_gswip.c",
                "function": "gswip_remove"
            },
            "signature_type": "Function",
            "id": "CVE-2022-48783-1d71469a"
        },
        {
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "182873400593136741617457303534182957539",
                    "70650878200621837555524124388034163746",
                    "131995441535572213002809715118215955780",
                    "276141971970630233901924133914878775910",
                    "85671096408257159241865404775335369409"
                ]
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c61f599b8d33adfa256126a6695c734c0de331cb",
            "deprecated": false,
            "target": {
                "file": "drivers/net/dsa/lantiq_gswip.c"
            },
            "signature_type": "Line",
            "id": "CVE-2022-48783-4d4b8cb0"
        },
        {
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "182873400593136741617457303534182957539",
                    "70650878200621837555524124388034163746",
                    "131995441535572213002809715118215955780",
                    "276141971970630233901924133914878775910",
                    "85671096408257159241865404775335369409"
                ]
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@df2495f329b08ac0d0d3e6334a01955ae839005e",
            "deprecated": false,
            "target": {
                "file": "drivers/net/dsa/lantiq_gswip.c"
            },
            "signature_type": "Line",
            "id": "CVE-2022-48783-6e53be68"
        },
        {
            "signature_version": "v1",
            "digest": {
                "length": 523.0,
                "function_hash": "305906641279867588242273542385361073741"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c61f599b8d33adfa256126a6695c734c0de331cb",
            "deprecated": false,
            "target": {
                "file": "drivers/net/dsa/lantiq_gswip.c",
                "function": "gswip_remove"
            },
            "signature_type": "Function",
            "id": "CVE-2022-48783-8d984449"
        },
        {
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "182873400593136741617457303534182957539",
                    "70650878200621837555524124388034163746",
                    "131995441535572213002809715118215955780",
                    "276141971970630233901924133914878775910",
                    "85671096408257159241865404775335369409"
                ]
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8c6ae46150a453f8ae9a6cd49b45f354f478587d",
            "deprecated": false,
            "target": {
                "file": "drivers/net/dsa/lantiq_gswip.c"
            },
            "signature_type": "Line",
            "id": "CVE-2022-48783-b2bb5ca2"
        },
        {
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "182873400593136741617457303534182957539",
                    "70650878200621837555524124388034163746",
                    "131995441535572213002809715118215955780",
                    "276141971970630233901924133914878775910",
                    "85671096408257159241865404775335369409"
                ]
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f48bd34137718042872d06f2c7332b3267a29165",
            "deprecated": false,
            "target": {
                "file": "drivers/net/dsa/lantiq_gswip.c"
            },
            "signature_type": "Line",
            "id": "CVE-2022-48783-e392277b"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.10.101
Fixed
5.10.102
Type
ECOSYSTEM
Events
Introduced
5.15.24
Fixed
5.15.25
Type
ECOSYSTEM
Events
Introduced
5.16.10
Fixed
5.16.11