Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-rcmc-qxj3-63p4

Опубликовано: 10 июн. 2022
Источник: github
Github: Не прошло ревью
CVSS3: 6.5

Описание

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).

Ссылки

EPSS

Процентиль: 32%
0.00119
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2022-21499

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2022-21499

CVSS3: 6.7
ubuntu
около 3 лет назад

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

redhat логотип

CVE-2022-21499

CVSS3: 6.7
redhat
около 3 лет назад

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

nvd логотип

CVE-2022-21499

CVSS3: 6.7
nvd
около 3 лет назад

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

debian логотип

CVE-2022-21499

CVSS3: 6.7
debian
около 3 лет назад

KGDB and KDB allow read and write access to kernel memory, and thus sh ...

oracle-oval логотип

ELSA-2022-9496

oracle-oval
почти 3 года назад

ELSA-2022-9496: kernel security update (IMPORTANT)

EPSS

Процентиль: 32%
0.00119
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2022-21499

Дефекты

CWE-787