CVE-2022-50248: Double Free in Linux

CWE-415: Double Free (10 documents, 5 sources)

Severity: 7.8 HIGH (NVD)
EPSS: 0.0% (top 95.63%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 15

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path. We see kernel crashes and lockups and KASAN errors related to ax210 firmware crashes. One of the KASAN dumps pointed at the tx path, and it appears there is indeed a way to double-free an skb. If iwl_mvm_tx_skb_sta returns non-zero, then the 'skb' sent into the method will be freed. But, in case where we build TSO skb buffer, the skb may also be freed in error case. So, return 0

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (4 packages)

NVD: linux/linux_kernel 5.15.4.229+4
Debian: linux/linux_kernel < 5.10.178-1+3
CVEListV5: linux/linux 08f7d8b69aaf137db8ee0a2d7c9e6cd6383ae2500e1e311fd929c6a8dcfddcb4748c47b07e39821f+6
debian: debian/linux < linux 6.1.4-1 (bookworm)

Patches

🔴 Vulnerability Details (7)

GHSA: GHSA-p4ww-hfqg-jmvc: In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path (2025-09-15)
OSV: CVE-2022-50248: In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path (2025-09-15)
OSV: linux-aws-5.15 vulnerabilities (2025-04-29)
OSV: linux-oracle-5.15 vulnerabilities (2025-04-25)
OSV: linux-intel-iot-realtime, linux-realtime vulnerabilities (2025-04-24)

📋 Vendor Advisories (2)

Red Hat: kernel: wifi: iwlwifi: mvm: fix double free on tx path (2025-09-15)
Debian: CVE-2022-50248: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwi... (2022)
CVE-2022-50248 — Double Free in Linux | cvebase