CVE-2022-36123

Опубликовано: 29 июл. 2022

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.

Ссылки

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13
Release Notes
Third Party Advisory
https://github.com/sickcodes/security/blob/master/advisories/SICK-2022-128.md
Exploit
Patch
Third Party Advisory
https://github.com/torvalds/linux/commit/74a0032b8524ee2bd4443128c0bf9775928680b0
Patch
Third Party Advisory
https://github.com/torvalds/linux/commit/96e8fc5818686d4a1591bb6907e7fdb64ef29884
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220901-0003/
Third Party Advisory
https://sick.codes/sick-2022-128
Exploit
Patch
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13
Release Notes
Third Party Advisory
https://github.com/sickcodes/security/blob/master/advisories/SICK-2022-128.md
Exploit
Patch
Third Party Advisory
https://github.com/torvalds/linux/commit/74a0032b8524ee2bd4443128c0bf9775928680b0
Patch
Third Party Advisory
https://github.com/torvalds/linux/commit/96e8fc5818686d4a1591bb6907e7fdb64ef29884
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220901-0003/
Third Party Advisory
https://sick.codes/sick-2022-128
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 5.18.13 (исключая)

Конфигурация 2

Одновременно

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

EPSS

Процентиль: 4%

0.00021

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2022-36123

CVSS3: 7.8

ubuntu

около 3 лет назад

The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.

CVE-2022-36123

CVSS3: 7

redhat

около 3 лет назад

The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.

CVE-2022-36123

CVSS3: 7.8

msrc

около 3 лет назад

Описание отсутствует

CVE-2022-36123

CVSS3: 7.8

debian

около 3 лет назад

The Linux kernel before 5.18.13 lacks a certain clear operation for th ...

GHSA-6339-6rqv-9985

CVSS3: 7.8

github

около 3 лет назад

The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.

EPSS

Процентиль: 4%

0.00021

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo