{"id":"CVE-2022-49385","summary":"driver: base: fix UAF when driver_attach failed","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndriver: base: fix UAF when driver_attach failed\n\nWhen driver_attach(drv); failed, the driver_private will be freed.\nBut it has been added to the bus, which caused a UAF.\n\nTo fix it, we need to delete it from the bus when failed.","modified":"2026-04-02T08:27:32.715377Z","published":"2025-02-26T02:11:20.725Z","related":["SUSE-SU-2025:01600-1","SUSE-SU-2025:1027-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1194-1","SUSE-SU-2025:1241-1","SUSE-SU-2025:1263-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49385.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/310862e574001a97ad02272bac0fd13f75f42a27"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5389101257828d1913d713d9a40acbe14f5961df"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5d709f58c743166fe1c6914b9de0ae8868600d9b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/823f24f2e329babd0330200d0b74882516fe57f4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c059665c84feab46b7173d3a1bf36c2fb7f9df86"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cdf1a683a01583bca4b618dd16223cbd6e462e21"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49385.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49385"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"190888ac01d059e38ffe77a2291d44cafa9016fb"},{"fixed":"5d709f58c743166fe1c6914b9de0ae8868600d9b"},{"fixed":"823f24f2e329babd0330200d0b74882516fe57f4"},{"fixed":"cdf1a683a01583bca4b618dd16223cbd6e462e21"},{"fixed":"5389101257828d1913d713d9a40acbe14f5961df"},{"fixed":"c059665c84feab46b7173d3a1bf36c2fb7f9df86"},{"fixed":"310862e574001a97ad02272bac0fd13f75f42a27"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49385.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}