High severity7.8NVD Advisory· Published Jul 16, 2024· Updated Jun 17, 2026
CVE-2022-48779
CVE-2022-48779
Description
In the Linux kernel, the following vulnerability has been resolved:
net: mscc: ocelot: fix use-after-free in ocelot_vlan_del()
ocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so if this is the same as the port's pvid_vlan which we access afterwards, what we're accessing is freed memory.
Fix the bug by determining whether to clear ocelot_port->pvid_vlan prior to calling ocelot_vlan_member_del().
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- git.kernel.org/stable/c/c98bed60cdd7f22237ae256cc9c1c3087206b8a2nvdMailing ListPatch
- git.kernel.org/stable/c/ef57640575406f57f5b3393cf57f457b0ace837envdMailing ListPatch
News mentions
0No linked articles in our index yet.