vulnerability
Ubuntu: (CVE-2022-49127): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Feb 26, 2025 | Jun 26, 2025 | Aug 18, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Feb 26, 2025
Added
Jun 26, 2025
Modified
Aug 18, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
ref_tracker: implement use-after-free detection
Whenever ref_tracker_dir_init() is called, mark the struct ref_tracker_dir
as dead.
Test the dead status from ref_tracker_alloc() and ref_tracker_free()
This should detect buggy dev_put()/dev_hold() happening too late
in netdevice dismantle process.
Solution
no-fix-ubuntu-package
References
- CVE-2022-49127
- https://attackerkb.com/topics/CVE-2022-49127
- CWE-416
- URL-https://git.kernel.org/linus/e3ececfe668facd87d920b608349a32607060e66
- URL-https://git.kernel.org/stable/c/3743c9de303fa36c2e2ca2522ab280c52bcafbd2
- URL-https://git.kernel.org/stable/c/e3ececfe668facd87d920b608349a32607060e66
- URL-https://www.cve.org/CVERecord?id=CVE-2022-49127
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.