Описание
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.
Меры по смягчению последствий
The mitigation not known. However, for the default configuration of the Red Hat Enterprise Linux it is not possible to trigger this vulnerability: if control groups (cgroups) not being used or being used with the default configuration or being used some other configuration where for example similar privileges for all processes (both for parent and for child processes), then no way to trigger this vulnerability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2022:1975 | 10.05.2022 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2022:1988 | 10.05.2022 |
| Red Hat Enterprise Linux 8.4 Extended Update Support | kernel-rt | Fixed | RHSA-2022:5633 | 19.07.2022 |
| Red Hat Enterprise Linux 8.4 Extended Update Support | kernel | Fixed | RHSA-2022:5626 | 19.07.2022 |
Показывать по
Дополнительная информация
Статус:
6.3 Medium
CVSS3
Связанные уязвимости
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.
An unprivileged write to the file handler flaw in the Linux kernel's c ...
Уязвимость ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии
6.3 Medium
CVSS3