CVE-2022-0995

Published: 25/03/2022 Updated: 09/11/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.

Vulnerable Product

linux linux kernel 5.17

linux linux kernel

fedoraproject fedora 35

netapp h300e_firmware -

netapp h300s_firmware -

netapp h410c_firmware -

netapp h410s_firmware -

netapp h500e_firmware -

netapp h500s_firmware -

netapp h610c_firmware -

netapp h610s_firmware -

netapp h615c_firmware -

netapp h700e_firmware -

netapp h700s_firmware -

Vendor Advisories

An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system ...

Exploits

This Metasploit module exploits a vulnerability in the Linux Kernel's watch_queue event notification system. It relies on a heap out-of-bounds write in kernel memory. The exploit may fail on the first attempt, so multiple attempts may be needed. Note that the exploit can potentially cause a denial of service if multiple failed attempts occur, howeve ...
The Linux watch_queue filter suffers from an out of bounds write vulnerability ...

Github Repositories

CVE-2022-0995 exploit

CVE-2022-0995: This is my exploit for CVE-2022-0995, a heap out-of-bounds write in the watch_queue Linux kernel component. It uses the same technique described in google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html. The exploit targets Ubuntu 21.10 with kernel 5.13.0-37. The exploit is not 100% reliable, you may need to run it a couple of times. I

Implementation of privilege escalation tools in Linux

CVE-2022-0995: Exploit for CVE-2022-0995. Uses a heap out-of-bounds write in the watch_queue component of the Linux kernel. A similar technique is described in this research: google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html. The exploit has been tested on Ubun

A full list of my starred repositories

Awesome Stars: A curated list of my GitHub stars! Generated by stargazed

CVE-2022-0995 exploit

CVE-2022-0995: CVE-2022-0995 exploit writeups. Exploit target: linux-5.13.18. References: docs.kernel.org/core-api/watch_queue.html#overview, bsauce.github.io/2022/04/15/CVE-2022-0995/, google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html, github.com/Bonfee/CVE-2022-0995. How to build: gcc -o exploit exploit.c