
CVE-2022-2639

Date: 2022-08-03 15:46:45
Source: redhat.com (access.redhat.com)
Keywords: openvswitch, kernel module, integer coercion, local user, out-of-bounds write access, privilege escalation

CVSS3: 7.8
  Attack Vector: LOCAL
  Attack Complexity: LOW
  Privileges Required: LOW
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: HIGH
  Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS: 0
Percentile: 5.1%

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Mitigation

To mitigate this issue, it is possible to prevent the affected code from being loaded by blocklisting the openvswitch kernel module. For instructions relating to blocklisting a kernel module, please see <https://access.redhat.com/solutions/41278>.
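The following is an added example, not part of the Red Hat advisory: a POSIX shell check that the blocklist mitigation above is actually in place on a host, i.e. that a modprobe.d file blocklists openvswitch and the module is not currently loaded. The function names, the modprobe.d directory and /proc/modules-style file passed as parameters, and the sample files it creates are all constructed for this example.

```shell
#!/bin/sh
# Added example (not from the advisory): audit the openvswitch blocklist mitigation.
# Paths are passed in so the same functions can be run against real files
# (/etc/modprobe.d and /proc/modules) or against constructed samples.

# Returns 0 if any *.conf in the given modprobe.d directory blocklists the module,
# either as "blacklist <mod>" or as "install <mod> /bin/false" (or /bin/true).
module_blocklisted() {
    mod="$1"
    dir="$2"
    [ -d "$dir" ] || return 1
    grep -Eqs "^[[:space:]]*(blacklist[[:space:]]+$mod[[:space:]]*$|install[[:space:]]+$mod[[:space:]]+/bin/(false|true))" "$dir"/*.conf
}

# Returns 0 if the module has its own line in a /proc/modules-style file.
module_loaded() {
    mod="$1"
    modules_file="$2"
    grep -Eqs "^$mod[[:space:]]" "$modules_file"
}

# Combined verdict: 0 = mitigated (blocklisted and not loaded), 1 = not mitigated.
ovs_mitigation_ok() {
    dir="$1"
    modules_file="$2"
    module_blocklisted openvswitch "$dir" && ! module_loaded openvswitch "$modules_file"
}

# Constructed sample data (not captured from a real host) for a stand-alone run.
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/modprobe.d"
printf 'install openvswitch /bin/false\n' > "$demo_dir/modprobe.d/openvswitch-blocklist.conf"
printf 'bridge 200000 0 - Live 0x0000000000000000\n' > "$demo_dir/modules.sample"

if ovs_mitigation_ok "$demo_dir/modprobe.d" "$demo_dir/modules.sample"; then
    echo "openvswitch: blocklisted and not loaded"
else
    echo "openvswitch: mitigation NOT in place (check modprobe.d and lsmod)"
fi
```

On a real host, call `ovs_mitigation_ok /etc/modprobe.d /proc/modules`; a blocklist entry alone does not unload an already-loaded module, which is why both conditions are checked.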
