U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2022-48788 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in order to fully prevent a race where this check is not reliable the error recovery work must flush async_event_work before continuing to destroy the admin queue after setting the ctrl state to RESETTING such that there is no race .submit_async_event and the error recovery handler itself changing the ctrl state.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/324f5bdc52ecb6a6dadb31a62823ef8c709d1439 Patch 
https://git.kernel.org/stable/c/324f5bdc52ecb6a6dadb31a62823ef8c709d1439 Patch 
https://git.kernel.org/stable/c/5593f72d1922403c11749532e3a0aa4cf61414e9 Patch 
https://git.kernel.org/stable/c/5593f72d1922403c11749532e3a0aa4cf61414e9 Patch 
https://git.kernel.org/stable/c/646952b2210f19e584d2bf9eb5d092abdca2fcc1 Patch 
https://git.kernel.org/stable/c/646952b2210f19e584d2bf9eb5d092abdca2fcc1 Patch 
https://git.kernel.org/stable/c/b6bb1722f34bbdbabed27acdceaf585d300c5fd2 Patch 
https://git.kernel.org/stable/c/b6bb1722f34bbdbabed27acdceaf585d300c5fd2 Patch 
https://git.kernel.org/stable/c/d411b2a5da68b8a130c23097014434ac140a2ace Patch 
https://git.kernel.org/stable/c/d411b2a5da68b8a130c23097014434ac140a2ace Patch 
https://git.kernel.org/stable/c/ea86027ac467a055849c4945906f799e7f65ab99 Patch 
https://git.kernel.org/stable/c/ea86027ac467a055849c4945906f799e7f65ab99 Patch 

Weakness Enumeration

CWE-ID CWE Name Source
CWE-416 Use After Free cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

4 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2022-48788
NVD Published Date:
07/16/2024
NVD Last Modified:
01/10/2025
Source:
kernel.org