exploitDog

CVE-2022-4095

Опубликовано: 22 мар. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.

Ссылки

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c53b3dcb9942b8ed7f81ee3921c4085d87070c73
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230420-0005/
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c53b3dcb9942b8ed7f81ee3921c4085d87070c73
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230420-0005/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 2.6.37 (включая) до 4.9.328 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.10 (включая) до 4.14.293 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.15 (включая) до 4.19.258 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.20 (включая) до 5.4.213 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.5 (включая) до 5.10.142 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.15.66 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 5.19.8 (исключая)

cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00016

Низкий

7.8 High

CVSS3

Дефекты

CWE-416

CWE-416

Связанные уязвимости

CVE-2022-4095

CVSS3: 7.8

ubuntu

около 2 лет назад

A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.

CVE-2022-4095

CVSS3: 6.3

redhat

больше 2 лет назад

A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.

CVE-2022-4095

CVSS3: 7.8

msrc

около 2 лет назад

Описание отсутствует

CVE-2022-4095

CVSS3: 7.8

debian

около 2 лет назад

A use-after-free flaw was found in Linux kernel before 5.19.2. This is ...

GHSA-cfq4-hg5x-x4r5

CVSS3: 7.8

github

около 2 лет назад

A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.

EPSS

Процентиль: 2%

0.00016

Низкий

7.8 High

CVSS3

Дефекты

CWE-416

CWE-416