Lucene search

K
redhatcveRedhat.comRH:CVE-2022-20572
HistoryApr 13, 2023 - 5:00 p.m.

CVE-2022-20572

2023-04-1317:00:47
redhat.com
access.redhat.com
30
linux kernel
read-only files
missing permission check
local privilege escalation
cve-2022-20572

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

0

Percentile

5.1%

A flaw was found in the Linux kernel, where it is possible to modify read-only files due to a missing permission check. This flaw can lead to local privilege escalation.

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

0

Percentile

5.1%