Lucene search

K
redhatcveRedhat.comRH:CVE-2022-20421
HistoryNov 03, 2022 - 4:56 a.m.

CVE-2022-20421

2022-11-0304:56:04
redhat.com
access.redhat.com
125
vulnerability
binder_inc_ref_for_node
memory corruption
use-after-free
linux kernel
local privilege escalation

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

A vulnerability was found in the binder_inc_ref_for_node function in drivers/android/binder.c due to memory corruption, causing a use-after-free issue in the Linux kernel. This flaw could lead to local privilege escalation.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%