CVE-2022-48695

scsi: mpt3sas: Fix use-after-free warning

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcount_t: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0

References

Link	Tags
https://git.kernel.org/stable/c/b8fc9e91b931215110ba824d1a2983c5f60b6f82	patch
https://git.kernel.org/stable/c/d4959d09b76eb7a4146f5133962b88d3bddb63d6	patch
https://git.kernel.org/stable/c/82efb917eeb27454dc4c6fe26432fc8f6c75bc16	patch
https://git.kernel.org/stable/c/5682c94644fde72f72bded6580c38189ffc856b5	patch
https://git.kernel.org/stable/c/ea10a652ad2ae2cf3eced6f632a5c98f26727057	patch
https://git.kernel.org/stable/c/6229fa494a5949be209bc73afbc5d0a749c2e3c7	patch
https://git.kernel.org/stable/c/41acb064c4e013808bc7d5fc1b506fa449425b0b	patch
https://git.kernel.org/stable/c/991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34	patch

Frequently Asked Questions

What is the severity of CVE-2022-48695?: CVE-2022-48695 has been scored as a high severity vulnerability.
How to fix CVE-2022-48695?: To fix CVE-2022-48695, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-48695 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2022-48695 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-48695?: CVE-2022-48695 affects Linux Linux, Linux Linux.

Description

Category

CWE-416 – Use After Free

References

Frequently Asked Questions