CVE-2022-50248 (GCVE-0-2022-50248)
Vulnerability from cvelistv5
Published
2025-09-15 14:02
Modified
2025-09-15 14:02
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mvm: fix double free on tx path.
We see kernel crashes and lockups and KASAN errors related to ax210
firmware crashes. One of the KASAN dumps pointed at the tx path,
and it appears there is indeed a way to double-free an skb.
If iwl_mvm_tx_skb_sta returns non-zero, then the 'skb' sent into the
method will be freed. But, in case where we build TSO skb buffer,
the skb may also be freed in error case. So, return 0 in that particular
error case and do cleanup manually.
BUG: KASAN: use-after-free in __list_del_entry_valid+0x12/0x90
iwlwifi 0000:06:00.0: 0x00000000 | tsf hi
Read of size 8 at addr ffff88813cfa4ba0 by task btserver/9650
CPU: 4 PID: 9650 Comm: btserver Tainted: G W 5.19.8+ #5
iwlwifi 0000:06:00.0: 0x00000000 | time gp1
Hardware name: Default string Default string/SKYBAY, BIOS 5.12 02/19/2019
Call Trace:
<TASK>
dump_stack_lvl+0x55/0x6d
print_report.cold.12+0xf2/0x684
iwlwifi 0000:06:00.0: 0x1D0915A8 | time gp2
? __list_del_entry_valid+0x12/0x90
kasan_report+0x8b/0x180
iwlwifi 0000:06:00.0: 0x00000001 | uCode revision type
? __list_del_entry_valid+0x12/0x90
__list_del_entry_valid+0x12/0x90
iwlwifi 0000:06:00.0: 0x00000048 | uCode version major
tcp_update_skb_after_send+0x5d/0x170
__tcp_transmit_skb+0xb61/0x15c0
iwlwifi 0000:06:00.0: 0xDAA05125 | uCode version minor
? __tcp_select_window+0x490/0x490
iwlwifi 0000:06:00.0: 0x00000420 | hw version
? trace_kmalloc_node+0x29/0xd0
? __kmalloc_node_track_caller+0x12a/0x260
? memset+0x1f/0x40
? __build_skb_around+0x125/0x150
? __alloc_skb+0x1d4/0x220
? skb_zerocopy_clone+0x55/0x230
iwlwifi 0000:06:00.0: 0x00489002 | board version
? kmalloc_reserve+0x80/0x80
? rcu_read_lock_bh_held+0x60/0xb0
tcp_write_xmit+0x3f1/0x24d0
iwlwifi 0000:06:00.0: 0x034E001C | hcmd
? __check_object_size+0x180/0x350
iwlwifi 0000:06:00.0: 0x24020000 | isr0
tcp_sendmsg_locked+0x8a9/0x1520
iwlwifi 0000:06:00.0: 0x01400000 | isr1
? tcp_sendpage+0x50/0x50
iwlwifi 0000:06:00.0: 0x48F0000A | isr2
? lock_release+0xb9/0x400
? tcp_sendmsg+0x14/0x40
iwlwifi 0000:06:00.0: 0x00C3080C | isr3
? lock_downgrade+0x390/0x390
? do_raw_spin_lock+0x114/0x1d0
iwlwifi 0000:06:00.0: 0x00200000 | isr4
? rwlock_bug.part.2+0x50/0x50
iwlwifi 0000:06:00.0: 0x034A001C | last cmd Id
? rwlock_bug.part.2+0x50/0x50
? lockdep_hardirqs_on_prepare+0xe/0x200
iwlwifi 0000:06:00.0: 0x0000C2F0 | wait_event
? __local_bh_enable_ip+0x87/0xe0
? inet_send_prepare+0x220/0x220
iwlwifi 0000:06:00.0: 0x000000C4 | l2p_control
tcp_sendmsg+0x22/0x40
sock_sendmsg+0x5f/0x70
iwlwifi 0000:06:00.0: 0x00010034 | l2p_duration
__sys_sendto+0x19d/0x250
iwlwifi 0000:06:00.0: 0x00000007 | l2p_mhvalid
? __ia32_sys_getpeername+0x40/0x40
iwlwifi 0000:06:00.0: 0x00000000 | l2p_addr_match
? rcu_read_lock_held_common+0x12/0x50
? rcu_read_lock_sched_held+0x5a/0xd0
? rcu_read_lock_bh_held+0xb0/0xb0
? rcu_read_lock_sched_held+0x5a/0xd0
? rcu_read_lock_sched_held+0x5a/0xd0
? lock_release+0xb9/0x400
? lock_downgrade+0x390/0x390
? ktime_get+0x64/0x130
? ktime_get+0x8d/0x130
? rcu_read_lock_held_common+0x12/0x50
? rcu_read_lock_sched_held+0x5a/0xd0
? rcu_read_lock_held_common+0x12/0x50
? rcu_read_lock_sched_held+0x5a/0xd0
? rcu_read_lock_bh_held+0xb0/0xb0
? rcu_read_lock_bh_held+0xb0/0xb0
__x64_sys_sendto+0x6f/0x80
do_syscall_64+0x34/0xb0
entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7f1d126e4531
Code: 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 48 8d 05 35 80 0c 00 41 89 ca 8b 00 85 c0 75 1c 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 67 c3 66 0f 1f 44 00 00 55 48 83 ec 20 48 89
RSP: 002b:00007ffe21a679d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 000000000000ffdc RCX: 00007f1d126e4531
RDX: 0000000000010000 RSI: 000000000374acf0 RDI: 0000000000000014
RBP: 00007ffe21a67ac0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R
---truncated---
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Linux | Linux |
Version: 08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250 Version: 08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250 Version: 08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250 Version: 08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250 Version: 08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250 Version: 08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250 |
||||||
|
|||||||||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/intel/iwlwifi/mvm/tx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0e1e311fd929c6a8dcfddcb4748c47b07e39821f",
"status": "affected",
"version": "08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250",
"versionType": "git"
},
{
"lessThan": "ae966649f665bc3868b935157dd4a3c31810dcc0",
"status": "affected",
"version": "08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250",
"versionType": "git"
},
{
"lessThan": "d8e32f1bf1a9183a6aad560c6688500222d24299",
"status": "affected",
"version": "08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250",
"versionType": "git"
},
{
"lessThan": "8fabe41fba907e4fd826acbbdb42e09c681c515e",
"status": "affected",
"version": "08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250",
"versionType": "git"
},
{
"lessThan": "3a2ecd1ec14075117ccb3e85f0fed224578ec228",
"status": "affected",
"version": "08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250",
"versionType": "git"
},
{
"lessThan": "0473cbae2137b963bd0eaa74336131cb1d3bc6c3",
"status": "affected",
"version": "08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae250",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/intel/iwlwifi/mvm/tx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.1"
},
{
"lessThan": "5.1",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.229",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.163",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.86",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"version": "6.0.16",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.2",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.229",
"versionStartIncluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.163",
"versionStartIncluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.86",
"versionStartIncluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.16",
"versionStartIncluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.2",
"versionStartIncluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"versionStartIncluding": "5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: fix double free on tx path.\n\nWe see kernel crashes and lockups and KASAN errors related to ax210\nfirmware crashes. One of the KASAN dumps pointed at the tx path,\nand it appears there is indeed a way to double-free an skb.\n\nIf iwl_mvm_tx_skb_sta returns non-zero, then the \u0027skb\u0027 sent into the\nmethod will be freed. But, in case where we build TSO skb buffer,\nthe skb may also be freed in error case. So, return 0 in that particular\nerror case and do cleanup manually.\n\nBUG: KASAN: use-after-free in __list_del_entry_valid+0x12/0x90\niwlwifi 0000:06:00.0: 0x00000000 | tsf hi\nRead of size 8 at addr ffff88813cfa4ba0 by task btserver/9650\n\nCPU: 4 PID: 9650 Comm: btserver Tainted: G W 5.19.8+ #5\niwlwifi 0000:06:00.0: 0x00000000 | time gp1\nHardware name: Default string Default string/SKYBAY, BIOS 5.12 02/19/2019\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x55/0x6d\n print_report.cold.12+0xf2/0x684\niwlwifi 0000:06:00.0: 0x1D0915A8 | time gp2\n ? __list_del_entry_valid+0x12/0x90\n kasan_report+0x8b/0x180\niwlwifi 0000:06:00.0: 0x00000001 | uCode revision type\n ? __list_del_entry_valid+0x12/0x90\n __list_del_entry_valid+0x12/0x90\niwlwifi 0000:06:00.0: 0x00000048 | uCode version major\n tcp_update_skb_after_send+0x5d/0x170\n __tcp_transmit_skb+0xb61/0x15c0\niwlwifi 0000:06:00.0: 0xDAA05125 | uCode version minor\n ? __tcp_select_window+0x490/0x490\niwlwifi 0000:06:00.0: 0x00000420 | hw version\n ? trace_kmalloc_node+0x29/0xd0\n ? __kmalloc_node_track_caller+0x12a/0x260\n ? memset+0x1f/0x40\n ? __build_skb_around+0x125/0x150\n ? __alloc_skb+0x1d4/0x220\n ? skb_zerocopy_clone+0x55/0x230\niwlwifi 0000:06:00.0: 0x00489002 | board version\n ? kmalloc_reserve+0x80/0x80\n ? rcu_read_lock_bh_held+0x60/0xb0\n tcp_write_xmit+0x3f1/0x24d0\niwlwifi 0000:06:00.0: 0x034E001C | hcmd\n ? __check_object_size+0x180/0x350\niwlwifi 0000:06:00.0: 0x24020000 | isr0\n tcp_sendmsg_locked+0x8a9/0x1520\niwlwifi 0000:06:00.0: 0x01400000 | isr1\n ? tcp_sendpage+0x50/0x50\niwlwifi 0000:06:00.0: 0x48F0000A | isr2\n ? lock_release+0xb9/0x400\n ? tcp_sendmsg+0x14/0x40\niwlwifi 0000:06:00.0: 0x00C3080C | isr3\n ? lock_downgrade+0x390/0x390\n ? do_raw_spin_lock+0x114/0x1d0\niwlwifi 0000:06:00.0: 0x00200000 | isr4\n ? rwlock_bug.part.2+0x50/0x50\niwlwifi 0000:06:00.0: 0x034A001C | last cmd Id\n ? rwlock_bug.part.2+0x50/0x50\n ? lockdep_hardirqs_on_prepare+0xe/0x200\niwlwifi 0000:06:00.0: 0x0000C2F0 | wait_event\n ? __local_bh_enable_ip+0x87/0xe0\n ? inet_send_prepare+0x220/0x220\niwlwifi 0000:06:00.0: 0x000000C4 | l2p_control\n tcp_sendmsg+0x22/0x40\n sock_sendmsg+0x5f/0x70\niwlwifi 0000:06:00.0: 0x00010034 | l2p_duration\n __sys_sendto+0x19d/0x250\niwlwifi 0000:06:00.0: 0x00000007 | l2p_mhvalid\n ? __ia32_sys_getpeername+0x40/0x40\niwlwifi 0000:06:00.0: 0x00000000 | l2p_addr_match\n ? rcu_read_lock_held_common+0x12/0x50\n ? rcu_read_lock_sched_held+0x5a/0xd0\n ? rcu_read_lock_bh_held+0xb0/0xb0\n ? rcu_read_lock_sched_held+0x5a/0xd0\n ? rcu_read_lock_sched_held+0x5a/0xd0\n ? lock_release+0xb9/0x400\n ? lock_downgrade+0x390/0x390\n ? ktime_get+0x64/0x130\n ? ktime_get+0x8d/0x130\n ? rcu_read_lock_held_common+0x12/0x50\n ? rcu_read_lock_sched_held+0x5a/0xd0\n ? rcu_read_lock_held_common+0x12/0x50\n ? rcu_read_lock_sched_held+0x5a/0xd0\n ? rcu_read_lock_bh_held+0xb0/0xb0\n ? rcu_read_lock_bh_held+0xb0/0xb0\n __x64_sys_sendto+0x6f/0x80\n do_syscall_64+0x34/0xb0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7f1d126e4531\nCode: 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 48 8d 05 35 80 0c 00 41 89 ca 8b 00 85 c0 75 1c 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 67 c3 66 0f 1f 44 00 00 55 48 83 ec 20 48 89\nRSP: 002b:00007ffe21a679d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 000000000000ffdc RCX: 00007f1d126e4531\nRDX: 0000000000010000 RSI: 000000000374acf0 RDI: 0000000000000014\nRBP: 00007ffe21a67ac0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T14:02:07.723Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0e1e311fd929c6a8dcfddcb4748c47b07e39821f"
},
{
"url": "https://git.kernel.org/stable/c/ae966649f665bc3868b935157dd4a3c31810dcc0"
},
{
"url": "https://git.kernel.org/stable/c/d8e32f1bf1a9183a6aad560c6688500222d24299"
},
{
"url": "https://git.kernel.org/stable/c/8fabe41fba907e4fd826acbbdb42e09c681c515e"
},
{
"url": "https://git.kernel.org/stable/c/3a2ecd1ec14075117ccb3e85f0fed224578ec228"
},
{
"url": "https://git.kernel.org/stable/c/0473cbae2137b963bd0eaa74336131cb1d3bc6c3"
}
],
"title": "wifi: iwlwifi: mvm: fix double free on tx path.",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-50248",
"datePublished": "2025-09-15T14:02:07.723Z",
"dateReserved": "2025-09-15T13:58:00.972Z",
"dateUpdated": "2025-09-15T14:02:07.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-50248\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-09-15T14:15:35.363\",\"lastModified\":\"2025-09-15T15:21:42.937\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nwifi: iwlwifi: mvm: fix double free on tx path.\\n\\nWe see kernel crashes and lockups and KASAN errors related to ax210\\nfirmware crashes. One of the KASAN dumps pointed at the tx path,\\nand it appears there is indeed a way to double-free an skb.\\n\\nIf iwl_mvm_tx_skb_sta returns non-zero, then the \u0027skb\u0027 sent into the\\nmethod will be freed. But, in case where we build TSO skb buffer,\\nthe skb may also be freed in error case. So, return 0 in that particular\\nerror case and do cleanup manually.\\n\\nBUG: KASAN: use-after-free in __list_del_entry_valid+0x12/0x90\\niwlwifi 0000:06:00.0: 0x00000000 | tsf hi\\nRead of size 8 at addr ffff88813cfa4ba0 by task btserver/9650\\n\\nCPU: 4 PID: 9650 Comm: btserver Tainted: G W 5.19.8+ #5\\niwlwifi 0000:06:00.0: 0x00000000 | time gp1\\nHardware name: Default string Default string/SKYBAY, BIOS 5.12 02/19/2019\\nCall Trace:\\n \u003cTASK\u003e\\n dump_stack_lvl+0x55/0x6d\\n print_report.cold.12+0xf2/0x684\\niwlwifi 0000:06:00.0: 0x1D0915A8 | time gp2\\n ? __list_del_entry_valid+0x12/0x90\\n kasan_report+0x8b/0x180\\niwlwifi 0000:06:00.0: 0x00000001 | uCode revision type\\n ? __list_del_entry_valid+0x12/0x90\\n __list_del_entry_valid+0x12/0x90\\niwlwifi 0000:06:00.0: 0x00000048 | uCode version major\\n tcp_update_skb_after_send+0x5d/0x170\\n __tcp_transmit_skb+0xb61/0x15c0\\niwlwifi 0000:06:00.0: 0xDAA05125 | uCode version minor\\n ? __tcp_select_window+0x490/0x490\\niwlwifi 0000:06:00.0: 0x00000420 | hw version\\n ? trace_kmalloc_node+0x29/0xd0\\n ? __kmalloc_node_track_caller+0x12a/0x260\\n ? memset+0x1f/0x40\\n ? __build_skb_around+0x125/0x150\\n ? __alloc_skb+0x1d4/0x220\\n ? skb_zerocopy_clone+0x55/0x230\\niwlwifi 0000:06:00.0: 0x00489002 | board version\\n ? kmalloc_reserve+0x80/0x80\\n ? rcu_read_lock_bh_held+0x60/0xb0\\n tcp_write_xmit+0x3f1/0x24d0\\niwlwifi 0000:06:00.0: 0x034E001C | hcmd\\n ? __check_object_size+0x180/0x350\\niwlwifi 0000:06:00.0: 0x24020000 | isr0\\n tcp_sendmsg_locked+0x8a9/0x1520\\niwlwifi 0000:06:00.0: 0x01400000 | isr1\\n ? tcp_sendpage+0x50/0x50\\niwlwifi 0000:06:00.0: 0x48F0000A | isr2\\n ? lock_release+0xb9/0x400\\n ? tcp_sendmsg+0x14/0x40\\niwlwifi 0000:06:00.0: 0x00C3080C | isr3\\n ? lock_downgrade+0x390/0x390\\n ? do_raw_spin_lock+0x114/0x1d0\\niwlwifi 0000:06:00.0: 0x00200000 | isr4\\n ? rwlock_bug.part.2+0x50/0x50\\niwlwifi 0000:06:00.0: 0x034A001C | last cmd Id\\n ? rwlock_bug.part.2+0x50/0x50\\n ? lockdep_hardirqs_on_prepare+0xe/0x200\\niwlwifi 0000:06:00.0: 0x0000C2F0 | wait_event\\n ? __local_bh_enable_ip+0x87/0xe0\\n ? inet_send_prepare+0x220/0x220\\niwlwifi 0000:06:00.0: 0x000000C4 | l2p_control\\n tcp_sendmsg+0x22/0x40\\n sock_sendmsg+0x5f/0x70\\niwlwifi 0000:06:00.0: 0x00010034 | l2p_duration\\n __sys_sendto+0x19d/0x250\\niwlwifi 0000:06:00.0: 0x00000007 | l2p_mhvalid\\n ? __ia32_sys_getpeername+0x40/0x40\\niwlwifi 0000:06:00.0: 0x00000000 | l2p_addr_match\\n ? rcu_read_lock_held_common+0x12/0x50\\n ? rcu_read_lock_sched_held+0x5a/0xd0\\n ? rcu_read_lock_bh_held+0xb0/0xb0\\n ? rcu_read_lock_sched_held+0x5a/0xd0\\n ? rcu_read_lock_sched_held+0x5a/0xd0\\n ? lock_release+0xb9/0x400\\n ? lock_downgrade+0x390/0x390\\n ? ktime_get+0x64/0x130\\n ? ktime_get+0x8d/0x130\\n ? rcu_read_lock_held_common+0x12/0x50\\n ? rcu_read_lock_sched_held+0x5a/0xd0\\n ? rcu_read_lock_held_common+0x12/0x50\\n ? rcu_read_lock_sched_held+0x5a/0xd0\\n ? rcu_read_lock_bh_held+0xb0/0xb0\\n ? rcu_read_lock_bh_held+0xb0/0xb0\\n __x64_sys_sendto+0x6f/0x80\\n do_syscall_64+0x34/0xb0\\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\\nRIP: 0033:0x7f1d126e4531\\nCode: 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 48 8d 05 35 80 0c 00 41 89 ca 8b 00 85 c0 75 1c 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 67 c3 66 0f 1f 44 00 00 55 48 83 ec 20 48 89\\nRSP: 002b:00007ffe21a679d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\\nRAX: ffffffffffffffda RBX: 000000000000ffdc RCX: 00007f1d126e4531\\nRDX: 0000000000010000 RSI: 000000000374acf0 RDI: 0000000000000014\\nRBP: 00007ffe21a67ac0 R08: 0000000000000000 R09: 0000000000000000\\nR10: 0000000000000000 R11: 0000000000000246 R\\n---truncated---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0473cbae2137b963bd0eaa74336131cb1d3bc6c3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/0e1e311fd929c6a8dcfddcb4748c47b07e39821f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/3a2ecd1ec14075117ccb3e85f0fed224578ec228\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8fabe41fba907e4fd826acbbdb42e09c681c515e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ae966649f665bc3868b935157dd4a3c31810dcc0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/d8e32f1bf1a9183a6aad560c6688500222d24299\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…