Vulnerability identifier: #VU104480
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49059
CWE-ID: CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nci_close_device() function in net/nfc/nci/core.c. A local user can escalate privileges on the system.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/1a1748d0dd0f0a98535c6baeef671c8722107639
https://git.kernel.org/stable/c/5c63ad2b0a267a524c12c88acb1ba9c2d109a801
https://git.kernel.org/stable/c/67677050cecbe0edfdd81cd508415e9636ba7c65
https://git.kernel.org/stable/c/7d3232214ca4ea8f7d18df264c3b254aa8089d7f
https://git.kernel.org/stable/c/9d243aff5f7e6b04e907c617426bbdf26e996ac8
https://git.kernel.org/stable/c/9ded5ae40f4fe37fcc28f36d76bf45df20be5432
https://git.kernel.org/stable/c/edd4600120641e1714e30112e69a548cfb68e067
https://git.kernel.org/stable/c/ef27324e2cb7bb24542d6cb2571740eefe6b00dc
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.