Vulnerability CVE-2022-0995


Published: 2022-03-25

Description:
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel's watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.

See advisories in our WLB2 database:
Topic | Author | Date
[High] Linux watch_queue Filter Out-Of-Bounds Write | Jann Horn | 19.04.2022
[Low] Watch Queue Out-Of-Bounds Write | Jann Horn | 23.04.2022

Type:

CWE-787

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:N/A:C)

CVSS Base Score: 6.6/10
Impact Subscore: 9.2/10
Exploitability Subscore: 3.9/10

Exploit range: Local
Attack complexity: Low
Authentication: Not required

Confidentiality impact: Complete
Integrity impact: None
Availability impact: Complete

Affected software
Linux -> Linux kernel 
Fedoraproject -> Fedora 

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=2063786
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb

Copyright 2024, cxsecurity.com

 
