CVE-2022-50677
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-09
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
ipmi: fix use after free in _ipmi_destroy_user()
The intf_free() function frees the "intf" pointer so we cannot
dereference it again on the next line.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a use-after-free issue in the Linux kernel's IPMI subsystem, specifically in the _ipmi_destroy_user() function. The intf_free() function frees a pointer named "intf", but the code attempts to dereference this pointer again afterward, which can lead to undefined behavior or system instability.
How can this vulnerability impact me? :
The use-after-free vulnerability can cause system crashes, instability, or potentially allow an attacker to execute arbitrary code or escalate privileges by exploiting the freed memory being accessed again.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70