CVE-2022-48842
CVSS 3.1 Score 4.7 of 10 (medium)
Details
Summary
CVE-2022-48842 is a vulnerability in the Linux kernel that affects the networking subsystem. It involves a race condition during interface enslavement in the 'ice' driver, specifically in the functions 'ice_plug_aux_dev()' and 'ice_unplug_aux_dev()'. When a command to add or remove an auxiliary device is issued, both functions try to take each other's locks, resulting in a deadlock. This issue has been resolved by keeping a flag to indicate if an auxiliary device is being plugged during the 'ice_plug_aux_dev()' call and checking it before 'ice_unplug_aux_dev()' is invoked.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.