7.8
CVSSv3

CVE-2022-0330

Published: 25/03/2022 Updated: 07/04/2022
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

It exists that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-23222) ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

linux linux kernel 5.17

redhat codeready linux builder 8.0

redhat codeready linux builder 8.4

redhat codeready linux builder eus 8.2

redhat codeready linux builder eus for power little endian 8.2

redhat codeready linux builder for power little endian eus 8.0

redhat codeready linux builder for power little endian eus 8.4

redhat enterprise linux server update services for sap solutions 7.7

redhat enterprise linux 8.0

redhat enterprise linux desktop 7.0

redhat enterprise linux eus 8.2

redhat enterprise linux eus 8.4

redhat enterprise linux for ibm z systems 8.0

redhat enterprise linux for ibm z systems eus 8.2

redhat enterprise linux for ibm z systems eus 8.4

redhat enterprise linux for power big endian 7.0

redhat enterprise linux for power little endian 7.0

redhat enterprise linux for power little endian 8.0

redhat enterprise linux for power little endian eus 8.2

redhat enterprise linux for power little endian eus 8.4

redhat enterprise linux for real time 7

redhat enterprise linux for real time 8

redhat enterprise linux for real time for nfv 7

redhat enterprise linux for real time for nfv 8

redhat enterprise linux for real time for nfv tus 8.2

redhat enterprise linux for real time for nfv tus 8.4

redhat enterprise linux for real time tus 8.2

redhat enterprise linux for real time tus 8.4

redhat enterprise linux for scientific computing 7.0

redhat enterprise linux server 7.0

redhat enterprise linux server aus 7.3

redhat enterprise linux server aus 7.4

redhat enterprise linux server aus 7.6

redhat enterprise linux server aus 7.7

redhat enterprise linux server aus 8.2

redhat enterprise linux server aus 8.4

redhat enterprise linux server for power little endian update services for sap solutions 7.6

redhat enterprise linux server for power little endian update services for sap solutions 7.7

redhat enterprise linux server for power little endian update services for sap solutions 8.1

redhat enterprise linux server for power little endian update services for sap solutions 8.2

redhat enterprise linux server for power little endian update services for sap solutions 8.4

redhat enterprise linux server tus 7.7

redhat enterprise linux server tus 8.2

redhat enterprise linux server tus 8.4

redhat enterprise linux server update services for sap solutions 7.6

redhat enterprise linux server update services for sap solutions 8.1

redhat enterprise linux server update services for sap solutions 8.2

redhat enterprise linux server update services for sap solutions 8.4

redhat enterprise linux workstation 7.0

redhat virtualization 4.0

redhat virtualization_host 4.0

redhat 3scale_api_management 2.0

redhat developer_tools 1.0

fedoraproject fedora 34

fedoraproject fedora 35

redhat ovirt-node 4.4.10

Vendor Advisories

Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Advanced Update SupportRed Hat Product Security has rated ...
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 73 Advanced Update SupportRed Hat Product Security has rated ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 77 Advanced Update Support, Red Hat Enterprise Linux 77 Telco ...
A random memory access flaw was found in the Linux kernel’s GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU This flaw allows a local user to crash the system or escalate their privileges on the system ...
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat Enterprise Linux 77 Update Services for SAP SolutionsRed Hat Product Security has r ...
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 82 Extended Update SupportRed Hat Product Securit ...
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 76 Advanced Update Support, Red Hat Enterprise Linux 76 Telco ...
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat Product Securit ...
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this upd ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 82 Extended Update SupportRed Hat P ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 82 Extended Update SupportRed Hat Product S ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat Product S ...
Several security issues were fixed in the Linux kernel ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat P ...
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 81 Update Services for SAP SolutionsRed Hat Produ ...
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU This flaw allows a local user to crash the system or escalate their privileges on the system (CVE-2022-0330) The cgroup release_agent is called with call_usermodehelper The function call_usermodehel ...
Several security issues were fixed in the Linux kernel ...
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU This flaw allows a local user to crash the system or escalate their privileges on the system (CVE-2022-0330) The cgroup release_agent is called with call_usermodehelper The function call_usermodehel ...
Synopsis Important: kpatch-patch-4_18_0-147_58_1 security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch-4_18_0-147_58_1 is now available for Red Hat Enterprise Linux 81 Upd ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated ...
Synopsis Important: Red Hat Virtualization Host security and bug fix update [ovirt-4410] Async #1 Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for redhat-release-virtualization-host and redhat-virtualizatio ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 81 Update Services for SAP SolutionsRed Hat Product Security ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this upd ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Synopsis Important: RHV-H security update (redhat-virtualization-host) 4322 Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for redhat-release-virtualization-host and redhat-virtualization-host is now availabl ...
Several security issues were fixed in the Linux kernel ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2021-43976 Zekun Shen and Brendan Dolan-Gavitt discovered a flaw in the mwifiex_usb_recv() function of the Marvell WiFi-Ex USB Driver An attacker able to connect a crafted USB device can ...
Amazon Linux has been made aware of a potential Branch Target Injection (BTI) issue (sometimes referred to as Spectre variant 2) This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction Generally, actors who attempt transient ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Synopsis Moderate: Red Hat Advanced Cluster Management 238 security and container updates Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 238 GeneralAvailability release images, which provide security and container updatesRed Hat Product Security has rated this update as having a securit ...
Amazon Linux has been made aware of a potential Branch Target Injection (BTI) issue (sometimes referred to as Spectre variant 2) This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction Generally, actors who attempt transient ...
Synopsis Moderate: Red Hat Advanced Cluster Management 243 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 243 General Availability release images This update provides security fixes, bug fixes, and updates the container imagesRed Hat Product Security has ...
Synopsis Moderate: Red Hat Advanced Cluster Management 2211 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 2211 General Availability release images, which provide one or more container updates and bug fixesRed Hat Product Security has rated this update as ...
Synopsis Moderate: Migration Toolkit for Containers (MTC) 154 security update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 154 is now availableRed Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base score, whichg ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-29374 Jann Horn of Google reported a flaw in Linux's virtual memory management A parent and child process initially share all their memory, but when either writes to a shared page, ...