Bugzilla – Bug 1223893
VUL-0: CVE-2022-48670: kernel: peci: cpu: fix use-after-free in adev_release()
Last modified: 2024-05-06 07:49:13 UTC
In the Linux kernel, the following vulnerability has been resolved: peci: cpu: Fix use-after-free in adev_release() When auxiliary_device_add() returns an error, auxiliary_device_uninit() is called, which causes refcount for device to be decremented and .release callback will be triggered. Because adev_release() re-calls auxiliary_device_uninit(), it will cause use-after-free: [ 1269.455172] WARNING: CPU: 0 PID: 14267 at lib/refcount.c:28 refcount_warn_saturate+0x110/0x15 [ 1269.464007] refcount_t: underflow; use-after-free. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48670 https://www.cve.org/CVERecord?id=CVE-2022-48670 https://git.kernel.org/stable/c/1c11289b34ab67ed080bbe0f1855c4938362d9cf https://git.kernel.org/stable/c/c87f1f99e26ea4ae08cabe753ae98e5626bdba89 https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2022/CVE-2022-48670.mbox
CONFIG_PECI_CPU isn't enabled on SLE15-SP5 and older branches, hence unaffected.