{"id":"CVE-2022-48742","summary":"rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()\n\nWhile looking at one unrelated syzbot bug, I found the replay logic\nin __rtnl_newlink() to potentially trigger use-after-free.\n\nIt is better to clear master_dev and m_ops inside the loop,\nin case we have to replay it.","modified":"2026-05-18T05:56:56.745034854Z","published":"2024-06-20T11:13:26.653Z","related":["SUSE-SU-2025:0201-1","SUSE-SU-2025:0201-2","SUSE-SU-2025:0229-1","SUSE-SU-2025:0236-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48742.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303"},{"type":"WEB","url":"https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963"},{"type":"WEB","url":"https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48742.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48742"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ba7d49b1f0f8e5f24294a880ed576964059af5ef"},{"fixed":"2cf180360d66bd657e606c1217e0e668e6faa303"},{"fixed":"7d9211678c0f0624f74cdff36117ab8316697bb8"},{"fixed":"a01e60a1ec6bef9be471fb7182a33c6d6f124e93"},{"fixed":"bd43771ee9759dd9dfae946bff190e2c5a120de5"},{"fixed":"3bbe2019dd12b8d13671ee6cda055d49637b4c39"},{"fixed":"def5e7070079b2a214b3b1a2fbec623e6fbfe34a"},{"fixed":"36a9a0aee881940476b254e0352581401b23f210"},{"fixed":"c6f6f2444bdbe0079e41914a35081530d0409963"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48742.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.14.0"},{"fixed":"4.9.300"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.10.0"},{"fixed":"4.14.265"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.228"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.177"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.97"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.20"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"5.16.6"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48742.json"}}],"schema_version":"1.7.5"}