Lucene search

K
cveRedhatCVE-2022-3303
HistorySep 27, 2022 - 11:15 p.m.

CVE-2022-3303

2022-09-2723:15:15
CWE-667
CWE-362
redhat
web.nvd.nist.gov
139
6
cve-2022-3303
linux kernel
sound subsystem
race condition
improper locking
null pointer dereference
sndctl_dsp_sync
denial of service
nvd

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.7

Confidence

High

EPSS

0

Percentile

5.1%

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition

Affected configurations

Nvd
Vulners
Node
linuxlinux_kernelRange<6.0
OR
linuxlinux_kernelMatch6.0rc1
OR
linuxlinux_kernelMatch6.0rc2
OR
linuxlinux_kernelMatch6.0rc3
OR
linuxlinux_kernelMatch6.0rc4
Node
debiandebian_linuxMatch10.0
OR
debiandebian_linuxMatch11.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel6.0cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*
linuxlinux_kernel6.0cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*
linuxlinux_kernel6.0cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*
linuxlinux_kernel6.0cpe:2.3:o:linux:linux_kernel:6.0:rc4:*:*:*:*:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
debiandebian_linux11.0cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Linux kernel",
    "versions": [
      {
        "version": "Fixed in kernel 6.0-rc5",
        "status": "affected"
      }
    ]
  }
]

Social References

More

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.7

Confidence

High

EPSS

0

Percentile

5.1%