Lucene search

[email protected]CVE-2022-44032

HistoryOct 30, 2022 - 1:15 a.m.

CVE-2022-44032

2022-10-3001:15:08

CWE-362

[email protected]

web.nvd.nist.gov

linux

kernel

issue

race condition

use-after-free

nvd

cve-2022-44032

6.4 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.4%

JSON

An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cmm_open() and cm4000_detach().

Affected configurations

NVD

Node

linuxlinux_kernelRange≤6.0.6

CPENameOperatorVersion
linux:linux_kernellinux linux kernelle6.0.6

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	le	6.0.6

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b12f050c76f090cc6d0aebe0ef76fed79ec3f15

lore.kernel.org/lkml/20220915020834.GA110086%40ubuntu/

lore.kernel.org/lkml/20220919040701.GA302806%40ubuntu/

Social References

6.4 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.4%

JSON

Related for CVE-2022-44032

prion1 cbl_mariner2 osv1 debiancve1 redhatcve1 cvelist1 cnvd1 nvd1 ubuntucve2 openvas1 nessus1