CVE-2022-48919
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2022-48919 is a vulnerability in the Linux kernel that affects various products, specifically those utilizing the CIFS (Common Internet File System) protocol. The issue arises from a double free condition in the cifs_get_root() function during mount failures, which can lead to a use-after-free error and potentially allow local attackers to compromise system integrity. To remediate this vulnerability, users are advised to apply the relevant patches provided in various updates from the Linux kernel repository. The vulnerability has been rated with a base severity of high (7.8) and poses significant risks, including high impacts on confidentiality and integrity with an exploitability score of 1.8, indicating low privileges required for exploitation. Organizations utilizing affected products should prioritize updating their systems to mitigate these risks effectively.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.