CVE-2022-0185
- CVSS v3.1: 8.4 (High)
- CVSS v2.0: 7.2 (High)
- EPSS: 0.34 % (72nd)
- Affected Products: 17
- Advisories: 35
- NVD Status: Analyzed
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the length of supplied parameters. An unprivileged local user (if unprivileged user namespaces are enabled; otherwise namespaced CAP_SYS_ADMIN privilege is needed) able to open a filesystem that does not support the Filesystem Context API (and thus falls back to legacy handling) could use this flaw to escalate their privileges on the system.
- CVE Status: PUBLISHED
- NVD Status: Analyzed
- CNA: Red Hat, Inc.
- Published Date: 2022-02-11 18:15:10 (2 years ago)
- Updated Date: 2024-09-04 01:00:01 (12 days ago)
Linux Kernel Heap-Based Buffer Overflow Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
- Description: Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges.
- Required Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
- Known to be Used in Ransomware Campaigns: Unknown
- Notes: This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=722d94847de2; https://nvd.nist.gov/vuln/detail/CVE-2022-0185
- Vendor: Linux
- Product: Kernel
- In CISA Catalog from: 2024-08-21 (3 weeks ago)
- Due Date: 2024-09-11 (5 days ago)