{"id":"CVE-2022-48787","summary":"iwlwifi: fix use-after-free","details":"In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: fix use-after-free\n\nIf no firmware was present at all (or, presumably, all of the\nfirmware files failed to parse), we end up unbinding by calling\ndevice_release_driver(), which calls remove(), which then in\niwlwifi calls iwl_drv_stop(), freeing the 'drv' struct. However\nthe new code I added will still erroneously access it after it\nwas freed.\n\nSet 'failure=false' in this case to avoid the access, all data\nwas already freed anyway.","modified":"2026-03-20T12:21:52.575983Z","published":"2024-07-16T11:43:44.349Z","related":["SUSE-SU-2024:2894-1","SUSE-SU-2024:2902-1","SUSE-SU-2024:2929-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2947-1","SUSE-SU-2024:3225-1","SUSE-SU-2024:3249-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48787.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/008508c16af0087cda0394e1ac6f0493b01b6063"},{"type":"WEB","url":"https://git.kernel.org/stable/c/494de920d98f125b099f27a2d274850750aff957"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7d6475179b85a83186ccce59cdc359d4f07d0bcb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9958b9cbb22145295ee1ffaea0904c383da2c05d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bea2662e7818e15d7607d17d57912ac984275d94"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d3b98fe36f8a06ce654049540773256ab59cb53d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ddd46059f7d99119b62d44c519df7a79f2e6a515"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48787.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48787"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"8e10749fa1a454c1e7214f36cec83241f5a36ef1"},{"fixed":"d3b98fe36f8a06ce654049540773256ab59cb53d"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1d7cc54137a4f28506dc7beac235b240b08f4e59"},{"fixed":"7d6475179b85a83186ccce59cdc359d4f07d0bcb"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0446cafa843e6db4982731c167e11c80d42be7e2"},{"fixed":"494de920d98f125b099f27a2d274850750aff957"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"febab6b60d61d13cd9f30a2991deea56df39567d"},{"fixed":"008508c16af0087cda0394e1ac6f0493b01b6063"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"e23f075d77987de4215c8e0696f28bcc707506f7"},{"fixed":"ddd46059f7d99119b62d44c519df7a79f2e6a515"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6b5ad4bd0d78fef6bbe0ecdf96e09237c9c52cc1"},{"fixed":"9958b9cbb22145295ee1ffaea0904c383da2c05d"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ab07506b0454bea606095951e19e72c282bfbb42"},{"fixed":"bea2662e7818e15d7607d17d57912ac984275d94"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48787.json"}}],"schema_version":"1.7.5"}