A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio() function and dnsstreamcomplete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.
{
"cna_assigner": "redhat",
"cwe_ids": [
"CWE-416"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/2xxx/CVE-2022-2526.json"
}