Question 1

What is CVE-2022-41848 — CVE-2022-41848?

Accepted Answer

drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach.

Question 2

What is the authoritative source for CVE-2022-41848?

Accepted Answer

CVE-2022-41848 (CVE-2022-41848) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	4.2 ()
Vector	CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS	0.24% probability of exploitation · percentile 15.2% · 2026-06-19T12:03:05Z
Last modified	2026-06-17

CVE-2022-41848CVE-2022-41848

Description

Scoring