Lucene search

K
nvd[email protected]NVD:CVE-2022-41222
HistorySep 21, 2022 - 8:15 a.m.

CVE-2022-41222

2022-09-2108:15:09
CWE-416
web.nvd.nist.gov
3
linux kernel
use-after-free
cve-2022-41222
tlb
rmap lock
pud move

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

41.2%

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.

Affected configurations

NVD
Node
linuxlinux_kernelRange5.05.4.211
OR
linuxlinux_kernelRange5.55.10.137
OR
linuxlinux_kernelRange5.115.12.18
OR
linuxlinux_kernelRange5.135.13.3
Node
debiandebian_linuxMatch10.0
Node
netapphci_baseboard_management_controllerMatchh300s
OR
netapphci_baseboard_management_controllerMatchh410c
OR
netapphci_baseboard_management_controllerMatchh410s
OR
netapphci_baseboard_management_controllerMatchh500s
OR
netapphci_baseboard_management_controllerMatchh700s
Node
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch20.04lts
OR
canonicalubuntu_linuxMatch22.04lts

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

41.2%