[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-48796":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":44,"related":45,"reserved_at":9,"published_at":51,"modified_at":52,"state":53,"summary":54,"references_raw":63,"kevs":82,"epss":83,"epss_history":86,"metrics":345,"affected":351},"CVE-2022-48796","In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix potential use-after-free during probe\n\nKasan has reported the following use after free on dev->iommu.\nwhen a device probe fails and it is in process of freeing dev->iommu\nin dev_iommu_free function, a deferred_probe_work_func runs in parallel\nand tries to access dev->iommu->fwspec in of_iommu_configure path thus\ncausing use after free.\n\nBUG: KASAN: use-after-free in of_iommu_configure+0xb4/0x4a4\nRead of size 8 at addr ffffff87a2f1acb8 by task kworker/u16:2/153\n\nWorkqueue: events_unbound deferred_probe_work_func\nCall trace:\n dump_backtrace+0x0/0x33c\n show_stack+0x18/0x24\n dump_stack_lvl+0x16c/0x1e0\n print_address_description+0x84/0x39c\n __kasan_report+0x184/0x308\n kasan_report+0x50/0x78\n __asan_load8+0xc0/0xc4\n of_iommu_configure+0xb4/0x4a4\n of_dma_configure_id+0x2fc/0x4d4\n platform_dma_configure+0x40/0x5c\n really_probe+0x1b4/0xb74\n driver_probe_device+0x11c/0x228\n __device_attach_driver+0x14c/0x304\n bus_for_each_drv+0x124/0x1b0\n __device_attach+0x25c/0x334\n device_initial_probe+0x24/0x34\n bus_probe_device+0x78/0x134\n deferred_probe_work_func+0x130/0x1a8\n process_one_work+0x4c8/0x970\n worker_thread+0x5c8/0xaec\n kthread+0x1f8/0x220\n ret_from_fork+0x10/0x18\n\nAllocated by task 1:\n ____kasan_kmalloc+0xd4/0x114\n __kasan_kmalloc+0x10/0x1c\n kmem_cache_alloc_trace+0xe4/0x3d4\n __iommu_probe_device+0x90/0x394\n probe_iommu_group+0x70/0x9c\n bus_for_each_dev+0x11c/0x19c\n bus_iommu_probe+0xb8/0x7d4\n bus_set_iommu+0xcc/0x13c\n arm_smmu_bus_init+0x44/0x130 [arm_smmu]\n arm_smmu_device_probe+0xb88/0xc54 [arm_smmu]\n platform_drv_probe+0xe4/0x13c\n really_probe+0x2c8/0xb74\n driver_probe_device+0x11c/0x228\n device_driver_attach+0xf0/0x16c\n __driver_attach+0x80/0x320\n bus_for_each_dev+0x11c/0x19c\n driver_attach+0x38/0x48\n bus_add_driver+0x1dc/0x3a4\n driver_register+0x18c/0x244\n __platform_driver_register+0x88/0x9c\n init_module+0x64/0xff4 [arm_smmu]\n do_one_initcall+0x17c/0x2f0\n do_init_module+0xe8/0x378\n load_module+0x3f80/0x4a40\n __se_sys_finit_module+0x1a0/0x1e4\n __arm64_sys_finit_module+0x44/0x58\n el0_svc_common+0x100/0x264\n do_el0_svc+0x38/0xa4\n el0_svc+0x20/0x30\n el0_sync_handler+0x68/0xac\n el0_sync+0x160/0x180\n\nFreed by task 1:\n kasan_set_track+0x4c/0x84\n kasan_set_free_info+0x28/0x4c\n ____kasan_slab_free+0x120/0x15c\n __kasan_slab_free+0x18/0x28\n slab_free_freelist_hook+0x204/0x2fc\n kfree+0xfc/0x3a4\n __iommu_probe_device+0x284/0x394\n probe_iommu_group+0x70/0x9c\n bus_for_each_dev+0x11c/0x19c\n bus_iommu_probe+0xb8/0x7d4\n bus_set_iommu+0xcc/0x13c\n arm_smmu_bus_init+0x44/0x130 [arm_smmu]\n arm_smmu_device_probe+0xb88/0xc54 [arm_smmu]\n platform_drv_probe+0xe4/0x13c\n really_probe+0x2c8/0xb74\n driver_probe_device+0x11c/0x228\n device_driver_attach+0xf0/0x16c\n __driver_attach+0x80/0x320\n bus_for_each_dev+0x11c/0x19c\n driver_attach+0x38/0x48\n bus_add_driver+0x1dc/0x3a4\n driver_register+0x18c/0x244\n __platform_driver_register+0x88/0x9c\n init_module+0x64/0xff4 [arm_smmu]\n do_one_initcall+0x17c/0x2f0\n do_init_module+0xe8/0x378\n load_module+0x3f80/0x4a40\n __se_sys_finit_module+0x1a0/0x1e4\n __arm64_sys_finit_module+0x44/0x58\n el0_svc_common+0x100/0x264\n do_el0_svc+0x38/0xa4\n el0_svc+0x20/0x30\n el0_sync_handler+0x68/0xac\n el0_sync+0x160/0x180\n\nFix this by setting dev->iommu to NULL first and\nthen freeing dev_iommu structure in dev_iommu_free\nfunction.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42],{"_key":25},"UBUNTU-CVE-2022-48796",{"_key":27},"SUSE-SU-2024:2894-1",{"_key":29},"SUSE-SU-2024:2902-1",{"_key":31},"SUSE-SU-2024:2929-1",{"_key":33},"SUSE-SU-2024:2939-1",{"_key":35},"SUSE-SU-2024:2947-1",{"_key":37},"DEBIAN-CVE-2022-48796",{"_key":39},"RHSA-2024:6297",{"_key":41},"RHSA-2024:9942",{"_key":43},"RHSA-2024:9943",[],[46,47,48,49,50],{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},"2024-07-16T11:43:50.796Z","2026-05-11T18:47:15.766Z","Analyzed",{"cisa_kev":55,"cisa_ransomware":55,"cisa_vendor":9,"epss_severity":56,"epss_score":57,"severity":58,"severity_score":59,"severity_version":60,"severity_source":61,"severity_vector":62,"severity_status":53},false,"low",0.00019,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[64,70,74,78],{"url":65,"sources":66,"tags":68},"https://git.kernel.org/stable/c/cb86e511e78e796de6947b8f3acca1b7c76fb2ff",[67,61],"cve.org",[69],"Patch",{"url":71,"sources":72,"tags":73},"https://git.kernel.org/stable/c/65ab30f6a6952fa9ee13009862736cf8d110e6e5",[67,61],[69],{"url":75,"sources":76,"tags":77},"https://git.kernel.org/stable/c/f74fc4b5bd533ea3d30ce47cccb8ef8d21fda85a",[67,61],[69],{"url":79,"sources":80,"tags":81},"https://git.kernel.org/stable/c/b54240ad494300ff0994c4539a531727874381f4",[67,61],[69],[],{"date":84,"score":57,"percentile":85},"2026-06-03",0.05238,[87,91,94,97,100,103,105,107,110,113,116,119,122,125,128,132,135,138,141,144,147,150,153,156,159,161,164,167,170,173,176,179,182,185,188,191,194,197,199,202,205,207,210,212,215,217,220,223,226,229,231,234,237,240,243,246,249,251,253,256,258,261,264,267,269,272,275,278,281,284,287,290,293,296,299,301,304,307,310,313,316,319,322,325,328,331,334,337,339,342],{"date":88,"score":89,"percentile":90},"2025-11-04",0.00015,0.02056,{"date":92,"score":89,"percentile":93},"2025-11-05",0.02082,{"date":95,"score":89,"percentile":96},"2025-11-06",0.02106,{"date":98,"score":89,"percentile":99},"2025-11-07",0.02116,{"date":101,"score":89,"percentile":102},"2025-11-08",0.02122,{"date":104,"score":89,"percentile":102},"2025-11-09",{"date":106,"score":89,"percentile":96},"2025-11-10",{"date":108,"score":89,"percentile":109},"2025-11-11",0.02124,{"date":111,"score":89,"percentile":112},"2025-11-12",0.02134,{"date":114,"score":89,"percentile":115},"2025-11-13",0.0216,{"date":117,"score":89,"percentile":118},"2025-11-14",0.02172,{"date":120,"score":89,"percentile":121},"2025-11-15",0.02193,{"date":123,"score":89,"percentile":124},"2025-11-16",0.02195,{"date":126,"score":89,"percentile":127},"2025-11-17",0.02181,{"date":129,"score":130,"percentile":131},"2025-11-18",0.00094,0.22639,{"date":133,"score":130,"percentile":134},"2025-11-19",0.2265,{"date":136,"score":130,"percentile":137},"2025-11-20",0.22657,{"date":139,"score":89,"percentile":140},"2025-11-21",0.02243,{"date":142,"score":89,"percentile":143},"2025-11-22",0.02245,{"date":145,"score":89,"percentile":146},"2025-11-23",0.02239,{"date":148,"score":89,"percentile":149},"2025-11-24",0.02226,{"date":151,"score":89,"percentile":152},"2025-11-25",0.02214,{"date":154,"score":89,"percentile":155},"2025-11-26",0.0219,{"date":157,"score":89,"percentile":158},"2025-11-27",0.02189,{"date":160,"score":89,"percentile":158},"2025-11-28",{"date":162,"score":89,"percentile":163},"2025-11-29",0.02237,{"date":165,"score":89,"percentile":166},"2025-11-30",0.02241,{"date":168,"score":89,"percentile":169},"2025-12-01",0.02291,{"date":171,"score":89,"percentile":172},"2025-12-02",0.02284,{"date":174,"score":89,"percentile":175},"2025-12-03",0.02288,{"date":177,"score":89,"percentile":178},"2025-12-04",0.02234,{"date":180,"score":89,"percentile":181},"2025-12-05",0.0225,{"date":183,"score":89,"percentile":184},"2025-12-06",0.02257,{"date":186,"score":89,"percentile":187},"2025-12-07",0.02259,{"date":189,"score":89,"percentile":190},"2025-12-08",0.0226,{"date":192,"score":89,"percentile":193},"2025-12-09",0.02279,{"date":195,"score":89,"percentile":196},"2025-12-10",0.02307,{"date":198,"score":89,"percentile":196},"2025-12-11",{"date":200,"score":89,"percentile":201},"2025-12-12",0.02317,{"date":203,"score":89,"percentile":204},"2025-12-13",0.023,{"date":206,"score":89,"percentile":196},"2025-12-14",{"date":208,"score":89,"percentile":209},"2025-12-15",0.02297,{"date":211,"score":89,"percentile":175},"2025-12-16",{"date":213,"score":89,"percentile":214},"2025-12-17",0.02305,{"date":216,"score":89,"percentile":196},"2025-12-18",{"date":218,"score":89,"percentile":219},"2025-12-19",0.02312,{"date":221,"score":89,"percentile":222},"2025-12-20",0.02315,{"date":224,"score":89,"percentile":225},"2025-12-21",0.02324,{"date":227,"score":89,"percentile":228},"2025-12-22",0.02321,{"date":230,"score":89,"percentile":225},"2025-12-23",{"date":232,"score":89,"percentile":233},"2025-12-24",0.02337,{"date":235,"score":89,"percentile":236},"2025-12-25",0.02343,{"date":238,"score":89,"percentile":239},"2025-12-26",0.02346,{"date":241,"score":89,"percentile":242},"2025-12-27",0.02329,{"date":244,"score":89,"percentile":245},"2025-12-28",0.02345,{"date":247,"score":89,"percentile":248},"2025-12-29",0.02334,{"date":250,"score":89,"percentile":242},"2025-12-30",{"date":252,"score":89,"percentile":201},"2025-12-31",{"date":254,"score":89,"percentile":255},"2026-01-01",0.02372,{"date":257,"score":89,"percentile":255},"2026-01-02",{"date":259,"score":57,"percentile":260},"2026-01-03",0.04226,{"date":262,"score":57,"percentile":263},"2026-01-04",0.04114,{"date":265,"score":57,"percentile":266},"2026-01-05",0.0407,{"date":268,"score":57,"percentile":266},"2026-01-06",{"date":270,"score":57,"percentile":271},"2026-01-07",0.04089,{"date":273,"score":57,"percentile":274},"2026-01-08",0.04124,{"date":276,"score":57,"percentile":277},"2026-01-09",0.04129,{"date":279,"score":57,"percentile":280},"2026-01-10",0.0414,{"date":282,"score":57,"percentile":283},"2026-01-11",0.04122,{"date":285,"score":57,"percentile":286},"2026-01-12",0.04119,{"date":288,"score":57,"percentile":289},"2026-01-13",0.04111,{"date":291,"score":57,"percentile":292},"2026-01-14",0.04154,{"date":294,"score":57,"percentile":295},"2026-01-15",0.04081,{"date":297,"score":57,"percentile":298},"2026-01-16",0.04052,{"date":300,"score":57,"percentile":298},"2026-01-17",{"date":302,"score":57,"percentile":303},"2026-01-18",0.04028,{"date":305,"score":57,"percentile":306},"2026-01-19",0.03978,{"date":308,"score":57,"percentile":309},"2026-01-20",0.03938,{"date":311,"score":57,"percentile":312},"2026-01-21",0.03925,{"date":314,"score":57,"percentile":315},"2026-01-22",0.03929,{"date":317,"score":57,"percentile":318},"2026-01-23",0.0398,{"date":320,"score":57,"percentile":321},"2026-01-24",0.04021,{"date":323,"score":57,"percentile":324},"2026-01-25",0.04008,{"date":326,"score":57,"percentile":327},"2026-01-26",0.03997,{"date":329,"score":57,"percentile":330},"2026-01-27",0.03983,{"date":332,"score":57,"percentile":333},"2026-01-28",0.03965,{"date":335,"score":57,"percentile":336},"2026-01-29",0.03981,{"date":338,"score":57,"percentile":330},"2026-01-30",{"date":340,"score":57,"percentile":341},"2026-01-31",0.03967,{"date":343,"score":57,"percentile":344},"2026-02-01",0.04073,[346],{"source":61,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":347,"cvss_v4_0":9},{"baseScore":59,"baseSeverity":348,"vectorString":62,"impactScore":349,"exploitabilityScore":350},"HIGH",9.8,4.6,[352,375],{"ecosystem":9,"name":353,"vendor":354,"product":354,"cpe_part":355,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":356},"Linux","linux","a",[357,364,367,370,373],{"version":358,"is_range":359,"range_type":67,"version_start":360,"version_start_type":361,"version_end":362,"version_end_type":363,"fixed_in":9},">= 0c830e6b32826311fc2b9ea1f4679be0f4ef0933, \u003C cb86e511e78e796de6947b8f3acca1b7c76fb2ff",true,"0c830e6b32826311fc2b9ea1f4679be0f4ef0933","including","cb86e511e78e796de6947b8f3acca1b7c76fb2ff","excluding",{"version":365,"is_range":359,"range_type":67,"version_start":360,"version_start_type":361,"version_end":366,"version_end_type":363,"fixed_in":9},">= 0c830e6b32826311fc2b9ea1f4679be0f4ef0933, \u003C 65ab30f6a6952fa9ee13009862736cf8d110e6e5","65ab30f6a6952fa9ee13009862736cf8d110e6e5",{"version":368,"is_range":359,"range_type":67,"version_start":360,"version_start_type":361,"version_end":369,"version_end_type":363,"fixed_in":9},">= 0c830e6b32826311fc2b9ea1f4679be0f4ef0933, \u003C f74fc4b5bd533ea3d30ce47cccb8ef8d21fda85a","f74fc4b5bd533ea3d30ce47cccb8ef8d21fda85a",{"version":371,"is_range":359,"range_type":67,"version_start":360,"version_start_type":361,"version_end":372,"version_end_type":363,"fixed_in":9},">= 0c830e6b32826311fc2b9ea1f4679be0f4ef0933, \u003C b54240ad494300ff0994c4539a531727874381f4","b54240ad494300ff0994c4539a531727874381f4",{"version":374,"is_range":55,"range_type":67,"version_start":374,"version_start_type":361,"version_end":374,"version_end_type":361,"fixed_in":9},"5.3",{"ecosystem":9,"name":376,"vendor":354,"product":377,"cpe_part":378,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":379},"linux kernel","linux_kernel","o",[380,385,389,393,395],{"version":381,"is_range":359,"range_type":382,"version_start":383,"version_start_type":361,"version_end":384,"version_end_type":363,"fixed_in":9},"gte5.7_lt5.10.101","cpe","5.7","5.10.101",{"version":386,"is_range":359,"range_type":382,"version_start":387,"version_start_type":361,"version_end":388,"version_end_type":363,"fixed_in":9},"gte5.11_lt5.15.24","5.11","5.15.24",{"version":390,"is_range":359,"range_type":382,"version_start":391,"version_start_type":361,"version_end":392,"version_end_type":363,"fixed_in":9},"gte5.16_lt5.16.10","5.16","5.16.10",{"version":394,"is_range":55,"range_type":382,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.17:rc1",{"version":396,"is_range":55,"range_type":382,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.17:rc2"]