{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-48742","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-06-20T11:09:39.054Z","datePublished":"2024-06-20T11:13:26.653Z","dateUpdated":"2025-05-04T08:22:10.792Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T08:22:10.792Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()\n\nWhile looking at one unrelated syzbot bug, I found the replay logic\nin __rtnl_newlink() to potentially trigger use-after-free.\n\nIt is better to clear master_dev and m_ops inside the loop,\nin case we have to replay it."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/core/rtnetlink.c"],"versions":[{"version":"ba7d49b1f0f8e5f24294a880ed576964059af5ef","lessThan":"2cf180360d66bd657e606c1217e0e668e6faa303","status":"affected","versionType":"git"},{"version":"ba7d49b1f0f8e5f24294a880ed576964059af5ef","lessThan":"7d9211678c0f0624f74cdff36117ab8316697bb8","status":"affected","versionType":"git"},{"version":"ba7d49b1f0f8e5f24294a880ed576964059af5ef","lessThan":"a01e60a1ec6bef9be471fb7182a33c6d6f124e93","status":"affected","versionType":"git"},{"version":"ba7d49b1f0f8e5f24294a880ed576964059af5ef","lessThan":"bd43771ee9759dd9dfae946bff190e2c5a120de5","status":"affected","versionType":"git"},{"version":"ba7d49b1f0f8e5f24294a880ed576964059af5ef","lessThan":"3bbe2019dd12b8d13671ee6cda055d49637b4c39","status":"affected","versionType":"git"},{"version":"ba7d49b1f0f8e5f24294a880ed576964059af5ef","lessThan":"def5e7070079b2a214b3b1a2fbec623e6fbfe34a","status":"affected","versionType":"git"},{"version":"ba7d49b1f0f8e5f24294a880ed576964059af5ef","lessThan":"36a9a0aee881940476b254e0352581401b23f210","status":"affected","versionType":"git"},{"version":"ba7d49b1f0f8e5f24294a880ed576964059af5ef","lessThan":"c6f6f2444bdbe0079e41914a35081530d0409963","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/core/rtnetlink.c"],"versions":[{"version":"3.14","status":"affected"},{"version":"0","lessThan":"3.14","status":"unaffected","versionType":"semver"},{"version":"4.9.300","lessThanOrEqual":"4.9.*","status":"unaffected","versionType":"semver"},{"version":"4.14.265","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.228","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.177","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.97","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.20","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.16.6","lessThanOrEqual":"5.16.*","status":"unaffected","versionType":"semver"},{"version":"5.17","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.14","versionEndExcluding":"4.9.300"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.14","versionEndExcluding":"4.14.265"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.14","versionEndExcluding":"4.19.228"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.14","versionEndExcluding":"5.4.177"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.14","versionEndExcluding":"5.10.97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.14","versionEndExcluding":"5.15.20"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.14","versionEndExcluding":"5.16.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.14","versionEndExcluding":"5.17"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303"},{"url":"https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8"},{"url":"https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93"},{"url":"https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5"},{"url":"https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39"},{"url":"https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a"},{"url":"https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210"},{"url":"https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963"}],"title":"rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T15:25:00.117Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2022-48742","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T17:10:41.257620Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:34:48.431Z"}}]}}