CVE-2022-48842

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Jul 16, 2024
Updated: Jul 17, 2024
CWE ID 362
CWE ID 667

Summary

CVE-2022-48842 is a vulnerability in the Linux kernel that affects the networking subsystem. It involves a race condition during interface enslavement in the 'ice' driver, specifically in the functions 'ice_plug_aux_dev()' and 'ice_unplug_aux_dev()'. When a command to add or remove an auxiliary device is issued, both functions try to take each other's locks, resulting in a deadlock. This issue has been resolved by keeping a flag to indicate if an auxiliary device is being plugged during the 'ice_plug_aux_dev()' call and checking it before 'ice_unplug_aux_dev()' is invoked.
