Improper Locking
CVE-2022-26452
Summary
In isp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262305; Issue ID: ALPS07262305.
- LOW
- LOCAL
- HIGH
- UNCHANGED
- NONE
- HIGH
- HIGH
- HIGH
CWE-667 - Improper Locking
The software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
References
Advisory Timeline
- Published