UbuntuLSN-0084-1

HistoryJan 20, 2022 - 12:00 a.m.

Kernel Live Patch Security Notice

2022-01-2000:00:00

ubuntu.com

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.4%

JSON

Details

William Liu and Jamie Hill-Daniel discovered that the file system context
functionality in the Linux kernel contained an integer underflow
vulnerability, leading to an out-of-bounds write. A local attacker could
use this to cause a denial of service (system crash) or execute arbitrary
code.(CVE-2022-0185)

References

ubuntu.com/security/CVE-2022-0185

githubexploit 7

osv 6

mageia 2

nessus 43

cloudfoundry 1

veracode 1

fedora 2

cve 1

debiancve 1

redhatcve 1

ubuntu 2

cnvd 1

prion 1

ubuntucve 1

oraclelinux 5

f5 1

ibm 4

cbl_mariner 2

rocky 4

redhat 11

almalinux 1

thn 2

threatpost 1

trellix 2

photon 2

suse 2

debian 1

redos 1

githubexploit

Exploit for Integer Underflow (Wrap or Wraparound) in Linux Linux Kernel

2024-04-15 02:42:43

Exploit for Integer Underflow (Wrap or Wraparound) in Linux Linux Kernel

2022-04-05 07:48:35

Exploit for Integer Underflow (Wrap or Wraparound) in Linux Linux Kernel

2022-02-18 09:27:34

osv

linux, linux-aws, linux-aws-5.11, linux-aws-5.4, linux-azure, linux-azure-5.11, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.11, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oem-5.10, linux-oem-5.13, linux-oem-5.14, linux-oracle, linux-oracle-5.11, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerability

2022-01-19 17:37:58

Important: kernel security and bug fix update

2022-01-19 13:59:09

Important: kernel security and bug fix update

2022-01-19 13:59:09

mageia

Updated kernel-linus packages fix security vulnerability

2022-01-22 00:41:23

Updated kernel packages fix security vulnerability

2022-01-22 00:41:23

nessus

SUSE SLES15 Security Update : kernel (Live Patch 21 for SLE 15 SP2) (SUSE-SU-2022:0239-1)

2022-02-01 00:00:00

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9029)

2022-01-19 00:00:00

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerability (USN-5240-1)

2022-01-20 00:00:00

cloudfoundry

USN-5240-1: Linux kernel vulnerability | Cloud Foundry

2022-03-11 00:00:00

veracode

Denial Of Service (DoS)

2022-01-20 05:51:17

fedora

[SECURITY] Fedora 34 Update: kernel-5.15.16-100.fc34

2022-01-22 01:18:36

[SECURITY] Fedora 35 Update: kernel-5.15.16-200.fc35

2022-01-22 01:32:03

cve

CVE-2022-0185

2022-02-11 18:15:00

debiancve

CVE-2022-0185

2022-02-11 18:15:00

redhatcve

CVE-2022-0185

2022-01-18 19:18:49

ubuntu

Linux kernel vulnerability

2022-01-19 00:00:00

Linux kernel (Intel IOTG) vulnerabilities

2022-04-01 00:00:00

cnvd

Linux kernel heap buffer overflow vulnerability (CNVD-2022-68564)

2022-01-21 00:00:00

prion

Heap overflow

2022-02-11 18:15:00

ubuntucve

CVE-2022-0185

2022-01-18 00:00:00

oraclelinux

Unbreakable Enterprise kernel-container security update

2022-01-19 00:00:00

Unbreakable Enterprise kernel security update

2022-01-19 00:00:00

kernel security and bug fix update

2022-01-21 00:00:00

K73200428 : Linux kernel vulnerability CVE-2022-0185

2022-03-02 00:00:00

ibm

Security Bulletin: IBM Cognos Analytics on Cloud Pak for Data 4.6.5 has addressed a security vulnerability

2023-05-05 15:59:18

Security Bulletin: CICS Transaction Gateway Containers are vulnerable to unwanted system calls such as unshare() (CVE-2022-0185).

2024-01-03 17:53:37

Security Bulletin: IBM Planning Analytics Cartridge for IBM Cloud Pak for Data 4.7.0 has addressed security vulnerabilities

2023-06-29 19:24:39

cbl_mariner

CVE-2022-0185 affecting package kernel 5.15.86.1-1

2022-04-09 06:52:47

CVE-2022-0185 affecting package kernel 5.10.161.1-1

2022-02-25 01:46:15

rocky

kernel security and bug fix update

2022-01-19 13:59:09

kernel security and bug fix update

2022-01-19 22:55:48

kernel-rt security and bug fix update

2022-01-19 09:43:06

redhat

(RHSA-2022:0188) Important: kernel security and bug fix update

2022-01-19 13:59:09

(RHSA-2022:0232) Important: kpatch-patch security update

2022-01-24 09:04:18

(RHSA-2022:0176) Important: kernel-rt security and bug fix update

2022-01-19 09:43:06

almalinux

Important: kernel security and bug fix update

2022-01-19 13:59:09

thn

12-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access

2022-01-26 05:39:00

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

2024-03-22 11:28:00

threatpost

Bug in the Linux Kernel Allows Privilege Escalation, Container Escape

2022-03-08 14:52:05

trellix

The Bug Report - January 2022 Edition

2022-02-02 00:00:00

The Bug Report - January 2022 Edition

2022-02-02 00:00:00

photon

Important Photon OS Security Update - PHSA-2022-0146

2022-01-25 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0146

2022-01-25 00:00:00

suse

Security update for the Linux Kernel (important)

2022-01-25 00:00:00

Security update for the Linux Kernel (important)

2022-01-26 00:00:00

debian

[SECURITY] [DSA 5050-1] linux security update

2022-01-20 16:46:05

redos

ROS-20220919-01

2022-09-19 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.4%

JSON

Related for LSN-0084-1