Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2022-1055

UNKNOWN
Published 2022-03-29T15:05:13
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2022-1055. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Kernel

Affected Versions:

0 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
linux

linux_kernel

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-wmc5-hv62-89g7

Advisory Details

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2022-1055
WEB https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
WEB https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
WEB https://security.netapp.com/advisory/ntap-20220506-0007
WEB https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc
WEB http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html

Advisory provided by GitHub Security Advisory Database. Published: March 30, 2022, Modified: May 21, 2024

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc
https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
https://security.netapp.com/advisory/ntap-20220506-0007/
http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html
Published: 2022-03-29T15:05:13
Last Modified: 2024-08-02T23:47:43.302Z
Copied to clipboard!