Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-0480
HistoryAug 29, 2022 - 12:00 a.m.

CVE-2022-0480

2022-08-2900:00:00
ubuntu.com
ubuntu.com
18
flaw
filelock_init
linux kernel
host memory exhaustion
memcg
portable operating system interface
posix file locks

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0

Percentile

14.2%

A flaw was found in the filelock_init in fs/locks.c function in the Linux
kernel. This issue can lead to host memory exhaustion due to memcg not
limiting the number of Portable Operating System Interface (POSIX) file
locks.

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0

Percentile

14.2%