CVE-2022-48911

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-48911
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48911.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48911
Downstream
Related
Published
2024-08-22T01:31:07.463Z
Modified
2026-03-12T03:24:13.598334Z
Summary
netfilter: nf_queue: fix possible use-after-free
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_queue: fix possible use-after-free

Eric Dumazet says: The sockhold() side seems suspect, because there is no guarantee that skrefcnt is not already 0.

On failure, we cannot queue the packet and need to indicate an error. The packet will be dropped by the caller.

v2: split skb prefetch hunk into separate change

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48911.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
271b72c7fa82c2c7a795bc16896149933110672d
Fixed
21b27b2baa27423286e9b8d3f0b194d587083d95
Fixed
ef97921ccdc243170fcef857ba2a17cf697aece5
Fixed
34dc4a6a7f261736ef7183868a5bddad31c7f9e3
Fixed
43c25da41e3091b31a906651a43e80a2719aa1ff
Fixed
4d05239203fa38ea8a6f31e228460da4cb17a71a
Fixed
dd648bd1b33a828f62befa696b206c688da0ec43
Fixed
dcc3cb920bf7ba66ac5e9272293a9ba5f80917ee
Fixed
c3873070247d9e3c7a6b0cf9bf9b45e8018427b1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48911.json"