CVE-2022-50843
Unknown
Unknown - Not Provided
Use-After-Free Vulnerability in Linux Kernel dm_clone Component
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
dm clone: Fix UAF in clone_dtr()
Dm_clone also has the same UAF problem when dm_resume()
and dm_destroy() are concurrent.
Therefore, cancelling timer again in clone_dtr().
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Use-After-Free (UAF) issue in the Linux kernel's device mapper clone target (dm_clone). It occurs in the clone_dtr() function and also when dm_resume() and dm_destroy() are called concurrently, leading to potential memory corruption or crashes due to accessing freed memory.
How can this vulnerability impact me? :
The vulnerability can lead to system instability, crashes, or potentially allow an attacker to execute arbitrary code or cause denial of service by exploiting the Use-After-Free condition in the kernel's device mapper clone target.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70