CVE-2022-1353

Published: 29/04/2022 Updated: 09/11/2023
CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8
VMScore: 320
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:P

Vulnerability Summary

A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)

A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. (CVE-2022-1011)

A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)

A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)

perf: Fix sys_perf_event_open() race against self (CVE-2022-1729)

mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel up to and including 5.17.1 has a double free. (CVE-2022-28389)

A double-free flaw was found in the Linux kernel in the ems_usb_start_xmit function. This flaw allows a malicious user to create a memory leak and corrupt the underlying data structure by calling free more than once. (CVE-2022-28390)

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local malicious user to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. (CVE-2022-29581)

The Linux kernel prior to 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows malicious users to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. (CVE-2022-30594)

Vulnerable Product

linux linux kernel

linux linux kernel 5.17

debian debian linux 9.0

debian debian linux 10.0

debian debian linux 11.0

redhat enterprise linux 8.0

netapp h300s_firmware -

netapp h500s_firmware -

netapp h700s_firmware -

netapp h410s_firmware -

netapp h300e_firmware -

netapp h500e_firmware -

netapp h700e_firmware -

netapp h410c_firmware -

Vendor Advisories

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escalate privileges. CVE-2022-0494 The ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escalate privileges. CVE-2022-0168 A NU ...
A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854) A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthor ...
Several security issues were fixed in the Linux kernel ...
Synopsis Important: OpenShift Container Platform 41112 security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 41112 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impac ...
Synopsis Moderate: kernel-rt security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 82 Extended Update Support. Red Hat Product S ...
Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for kernel is now available for Red Hat Enterprise Linux 84 Extended Update Support. Red Hat Product Security ...
Synopsis Important: OpenShift Virtualization 487 Images bug fixes and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 487 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a secur ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this upd ...
Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for kernel is now available for Red Hat Enterprise Linux 82 Extended Update Support. Red Hat Product Security ...
Synopsis Moderate: kernel-rt security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 84 Extended Update Support. Red Hat Product Sec ...
Synopsis Important: OpenShift Container Platform 41031 security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 41031 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 90 Extended Update Support. Red Hat Product Securit ...
Synopsis Moderate: Openshift Logging 5313 security and bug fix release Type/Severity Security Advisory: Moderate Topic An update is now available for OpenShift Logging 53. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed se ...
Synopsis Important: OpenShift Virtualization 496 Images security and bug fix update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 496 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a securit ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated ...
Synopsis Moderate: Red Hat Advanced Cluster Management 248 security fixes and container updates Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 248 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Mo ...
Synopsis Important: OpenShift Container Platform 4948 bug fix and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4948 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Co ...
Synopsis Moderate: OpenShift Container Platform 4948 extras security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4948 is now available with updates to packages and images that fix several bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Co ...
Synopsis Moderate: Logging Subsystem 554 - Red Hat OpenShift security update Type/Severity Security Advisory: Moderate Topic Logging Subsystem 554 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Synopsis Important: OpenShift Container Platform 4661 bug fix and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4661 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Co ...
Synopsis Moderate: OpenShift Container Platform 4661 security and extras update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4661 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Conta ...
Synopsis Important: OpenShift Container Platform 4849 security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4849 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of ...
Synopsis Moderate: OpenShift Container Platform 4759 bug fix and security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4759 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Cont ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 90 Extended Update Support. Red Hat Product S ...
Synopsis Moderate: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated th ...
Synopsis Moderate: kernel-rt security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this updat ...
Synopsis Moderate: Red Hat Advanced Cluster Management 262 security update and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 262 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security i ...
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information ...
A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. (CVE-2022-1011) A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. Thi ...
An issue was discovered in fs/io_uringc in the Linux kernel through 5118. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. (CVE-2021-28951) A flaw was found in unrestricted eBPF usage by the ...
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel's BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. (CVE-2022-0500) A flaw was found in the Linux kernel in linux/net/netfilter/nf_table ...
A denial of service (DOS) issue was found in the Linux kernel's smb2_ioctl_query_info function in the fs/cifs/smb2opsc Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system. (CVE-2022-0168) When the KVM updates the gue ...