{"vulnerability": "cve-2022-49258", "sightings": [{"uuid": "a6787423-19f2-4fc8-9399-018703372f2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2022-49258", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "f2076c97-f909-4430-a745-f3f9f2500887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-49258", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5750", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-49258\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccree - Fix use after free in cc_cipher_exit()\n\nkfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But\nctx_p->user.key is still used in the next line, which will lead to a\nuse after free.\n\nWe can call kfree_sensitive() after dev_dbg() to avoid the uaf.\n\ud83d\udccf Published: 2025-02-26T01:56:11.561Z\n\ud83d\udccf Modified: 2025-02-27T18:02:29.265Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/c93017c8d5ebf55a4e453ac7c84cc84cf92ab570\n2. https://git.kernel.org/stable/c/335bf1fc74f775a8255257aa3e33763f2257b676\n3. https://git.kernel.org/stable/c/25c358efee5153dfd240d4e0d3169d5bebe9cacd\n4. https://git.kernel.org/stable/c/cffb5382bd8d3cf21b874ab5b84bf7618932286b\n5. https://git.kernel.org/stable/c/3d950c34074ed74d2713c3856ba01264523289e6", "creation_timestamp": "2025-02-27T18:27:14.000000Z"}]}