{"id":"CVE-2022-48779","summary":"net: mscc: ocelot: fix use-after-free in ocelot_vlan_del()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mscc: ocelot: fix use-after-free in ocelot_vlan_del()\n\nocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so if\nthis is the same as the port's pvid_vlan which we access afterwards,\nwhat we're accessing is freed memory.\n\nFix the bug by determining whether to clear ocelot_port-\u003epvid_vlan prior\nto calling ocelot_vlan_member_del().","modified":"2026-04-02T08:27:00.020959Z","published":"2024-07-16T11:13:17.173Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48779.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/c98bed60cdd7f22237ae256cc9c1c3087206b8a2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ef57640575406f57f5b3393cf57f457b0ace837e"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48779.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48779"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d4004422f6f9fa8e55c04482008c1c9f9edd2d19"},{"fixed":"c98bed60cdd7f22237ae256cc9c1c3087206b8a2"},{"fixed":"ef57640575406f57f5b3393cf57f457b0ace837e"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48779.json"}}],"schema_version":"1.7.5"}