A flaw was found in the Linux kernel dvb-core subsystem (the DVB API used by digital TV devices). A race condition inside drivers/media/dvb-core/dmxdev.c results in a use-after-free. To trigger the attack, a local user has to physically remove a USB device (such as a DVB demultiplexer device) and also run some malicious code. Reference: https://www.openwall.com/lists/oss-security/2022/09/23/4
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2137259]
Patch: https://lore.kernel.org/all/20220908132754.30532-1-tiwai@suse.de/
This was fixed for Fedora with the 6.0.18 stable kernel updates.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:2736 https://access.redhat.com/errata/RHSA-2023:2736
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:2951 https://access.redhat.com/errata/RHSA-2023:2951
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-41218
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:0412