Lucene search

K
cveMitreCVE-2022-40307
HistorySep 09, 2022 - 5:15 a.m.

CVE-2022-40307

2022-09-0905:15:07
CWE-362
mitre
web.nvd.nist.gov
131
11
cve-2022-40307
linux
kernel
5.19.8
race condition
use-after-free

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.8

Confidence

High

EPSS

0

Percentile

5.1%

An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.

Affected configurations

Nvd
Node
linuxlinux_kernelRange5.19.8
Node
debiandebian_linuxMatch10.0
Node
debiandebian_linuxMatch10.0
OR
debiandebian_linuxMatch11.0
VendorProductVersionCPE
linuxlinux_kernelcpe:/o:linux:linux_kernel::::

Social References

More

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.8

Confidence

High

EPSS

0

Percentile

5.1%