CVE-2022-1974

A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:5.18:rc6:*:*:*:*:*:*

History

21 Nov 2024, 06:41

Type Values Removed Values Added
References () https://github.com/torvalds/linux/commit/da5c0f119203ad9728920456a0f52a6d850c01cd - Patch, Third Party Advisory () https://github.com/torvalds/linux/commit/da5c0f119203ad9728920456a0f52a6d850c01cd - Patch, Third Party Advisory

27 Jun 2023, 15:47

Type Values Removed Values Added
CWE CWE-416 CWE-367

Information

Published : 2022-08-31 16:15

Updated : 2024-11-21 06:41


NVD link : CVE-2022-1974

Mitre link : CVE-2022-1974

CVE.ORG link : CVE-2022-1974


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free

CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition