Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-0487

Опубликовано: 04 фев. 2022
Источник: debian
EPSS Низкий

Описание

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed5.16.10-1package

Примечания

  • https://bugzilla.suse.com/show_bug.cgi?id=1194516

  • https://lore.kernel.org/all/20220114075934.302464-1-gregkh@linuxfoundation.org/

  • https://git.kernel.org/linus/bd2db32e7c3e35bd4d9b8bbff689434a50893546 (5.17-rc4)

  • CONFIG_MMC_MOXART is not set in Debian.

EPSS

Процентиль: 14%
0.00047
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2022-0487

CVSS3: 5.5
ubuntu
больше 3 лет назад

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

redhat логотип

CVE-2022-0487

CVSS3: 5.5
redhat
больше 3 лет назад

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

nvd логотип

CVE-2022-0487

CVSS3: 5.5
nvd
больше 3 лет назад

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

msrc логотип

CVE-2022-0487

CVSS3: 5.5
msrc
больше 3 лет назад

Описание отсутствует

github логотип

GHSA-g6g9-f4gj-gxqv

CVSS3: 5.5
github
больше 3 лет назад

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

EPSS

Процентиль: 14%
0.00047
Низкий