7.8
CVSSv3

CVE-2022-28893

Published: 11/04/2022 Updated: 13/06/2022
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The SUNRPC subsystem in the Linux kernel up to and including 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Several security issues were fixed in the Linux kernel ...
The SUNRPC subsystem in the Linux kernel through 5172 can call xs_xprt_free before ensuring that sockets are in the intended state ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctlc in the Linux kernel This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality (CVE-2022-0494) A memory leak flaw was found in the Linux kernel's DMA subsystem, in the wa ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2022-0494 The scsi_ioctl() was susceptible to an information leak only exploitable by users with CAP_SYS_ADMIN or CAP_SYS_RAWIO capabilities CVE-2022-0854 Ali Haider discovered a pot ...
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctlc in the Linux kernel This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality (CVE-2022-0494) A memory leak flaw was found in the Linux kernel's DMA subsystem, in the wa ...
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel's BPF subsystem due to the way a user loads BTF This flaw allows a local user to crash or escalate their privileges on the system (CVE-2022-0500) A flaw was found in the Linux kernel in linux/net/netfilter/nf_table ...
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel's BPF subsystem due to the way a user loads BTF This flaw allows a local user to crash or escalate their privileges on the system (CVE-2022-0500) A flaw was found in the Linux kernel in linux/net/netfilter/nf_table ...