CVE-2022-48912

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 22, 2024
Updated: Aug 27, 2024
CWE ID 416

Summary

CVE-2022-48912 is a vulnerability in the Linux kernel affecting various products that utilize netfilter, specifically due to a use-after-free error in the __nf_register_net_hook() function. This security flaw can lead to high integrity and confidentiality impacts, as it allows other threads to free allocated hooks after releasing a mutex, potentially allowing unauthorized access or manipulation of data. To remediate this vulnerability, users are advised to update their Linux kernel to the patched versions available in the references provided. The vulnerability has been rated with a base severity of HIGH and a CVSS score of 7.8, indicating that it poses significant risks if exploited locally without requiring user interaction. Organizations using affected products should prioritize applying patches to mitigate potential exploitation risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share