Lucene search

PRIOn knowledge basePRION:CVE-2022-1974

HistoryAug 31, 2022 - 4:15 p.m.

Race condition

2022-08-3116:15:00

PRIOn knowledge base

www.prio-n.com

4.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

5 Medium

AI Score

Confidence

Low

0.8 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:M/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.4%

JSON

A use-after-free flaw was found in the Linux kernel’s NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.

CPENameOperatorVersion
linux_kerneleq5.18 rc6

CPE	Name	Operator	Version
	linux_kernel	eq	5.18 rc6

References

github.com/torvalds/linux/commit/da5c0f119203ad9728920456a0f52a6d850c01cd

4.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

5 Medium

AI Score

Confidence

Low

0.8 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:M/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2022-1974