CVE-2022-48861

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> vdpa: fix use-after-free on vp_vdpa_remove<br /> <br /> When vp_vdpa driver is unbind, vp_vdpa is freed in vdpa_unregister_device<br /> and then vp_vdpa-&gt;mdev.pci_dev is dereferenced in vp_modern_remove,<br /> triggering use-after-free.<br /> <br /> Call Trace of unbinding driver free vp_vdpa :<br /> do_syscall_64<br /> vfs_write<br /> kernfs_fop_write_iter<br /> device_release_driver_internal<br /> pci_device_remove<br /> vp_vdpa_remove<br /> vdpa_unregister_device<br /> kobject_release<br /> device_release<br /> kfree<br /> <br /> Call Trace of dereference vp_vdpa-&gt;mdev.pci_dev:<br /> vp_modern_remove<br /> pci_release_selected_regions<br /> pci_release_region<br /> pci_resource_len<br /> pci_resource_end<br /> (dev)-&gt;resource[(bar)].end