CVE-2022-1353

Опубликовано: 21 мар. 2022

Источник: redhat

CVSS3: 7.1

Описание

A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel-rt	Out of support scope
Red Hat Enterprise Linux 8	kernel-rt	Fixed	RHSA-2022:7134	25.10.2022
Red Hat Enterprise Linux 8	kernel	Fixed	RHSA-2022:7110	25.10.2022
Red Hat Enterprise Linux 8.2 Extended Update Support	kernel-rt	Fixed	RHSA-2022:5934	09.08.2022
Red Hat Enterprise Linux 8.2 Extended Update Support	kernel	Fixed	RHSA-2022:5998	09.08.2022
Red Hat Enterprise Linux 8.4 Extended Update Support	kernel-rt	Fixed	RHSA-2022:6248	30.08.2022
Red Hat Enterprise Linux 8.4 Extended Update Support	kernel	Fixed	RHSA-2022:6243	31.08.2022
Red Hat Enterprise Linux 9	kernel	Fixed	RHSA-2022:8267	15.11.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-212

https://bugzilla.redhat.com/show_bug.cgi?id=2066819kernel: kernel info leak issue in pfkey_register

7.1 High

CVSS3

Связанные уязвимости

CVE-2022-1353

CVSS3: 7.1

ubuntu

около 3 лет назад

CVE-2022-1353

CVSS3: 7.1

nvd

около 3 лет назад

CVE-2022-1353

CVSS3: 7.1

msrc

около 3 лет назад

Описание отсутствует

CVE-2022-1353

CVSS3: 7.1

debian

около 3 лет назад

A vulnerability was found in the pfkey_register function in net/key/af ...

GHSA-jj3g-hjh4-j2xj

CVSS3: 7.1

github

около 3 лет назад

7.1 High

CVSS3