Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2022-48926

Disclosure Date: August 22, 2024 •

CVE-2022-48926 CVSS v3 Base Score: 7.8

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: rndis: add spinlock for rndis response list

There’s no lock for rndis response list. It could cause list corruption
if there’re two different list_add at the same time like below.
It’s better to add in rndis_add_response / rndis_free_response
/ rndis_get_next_response to prevent any race condition on response list.

[ 361.894299] [1: irq/191-dwc3:16979] list_add corruption.
next->prev should be prev (ffffff80651764d0),
but was ffffff883dc36f80. (next=ffffff80651764d0).

[ 361.904380] [1: irq/191-dwc3:16979] Call trace:
[ 361.904391] [1: irq/191-dwc3:16979] __list_add_valid+0x74/0x90
[ 361.904401] [1: irq/191-dwc3:16979] rndis_msg_parser+0x168/0x8c0
[ 361.904409] [1: irq/191-dwc3:16979] rndis_command_complete+0x24/0x84
[ 361.904417] [1: irq/191-dwc3:16979] usb_gadget_giveback_request+0x20/0xe4
[ 361.904426] [1: irq/191-dwc3:16979] dwc3_gadget_giveback+0x44/0x60
[ 361.904434] [1: irq/191-dwc3:16979] dwc3_ep0_complete_data+0x1e8/0x3a0
[ 361.904442] [1: irq/191-dwc3:16979] dwc3_ep0_interrupt+0x29c/0x3dc
[ 361.904450] [1: irq/191-dwc3:16979] dwc3_process_event_entry+0x78/0x6cc
[ 361.904457] [1: irq/191-dwc3:16979] dwc3_process_event_buf+0xa0/0x1ec
[ 361.904465] [1: irq/191-dwc3:16979] dwc3_thread_interrupt+0x34/0x5c

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

7.8 High

Impact Score:

5.9

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

linux

Products

linux kernel

References

Canonical

CVE-2022-48926 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48926)

Miscellaneous

https://git.kernel.org/stable/c/9f5d8ba538ef81cd86ea587ca3f8c77e26bea405

https://git.kernel.org/stable/c/669c2b178956718407af5631ccbc61c24413f038

https://git.kernel.org/stable/c/9f688aadede6b862a0a898792b1a35421c93636f

https://git.kernel.org/stable/c/9ab652d41deab49848673c3dadb57ad338485376

https://git.kernel.org/stable/c/4ce247af3f30078d5b97554f1ae6200a0222c15a

https://git.kernel.org/stable/c/da514063440b53a27309a4528b726f92c3cfe56f

https://git.kernel.org/stable/c/33222d1571d7ce8c1c75f6b488f38968fa93d2d9

https://git.kernel.org/stable/c/aaaba1c86d04dac8e49bf508b492f81506257da3

Rapid7

Unknown

CVE-2022-48926

Unknown

Unknown

None

Low

Local

CVE-2022-48926

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2022-48926

Unknown

Unknown

None

Low

Local

CVE-2022-48926

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification