CVE-2022-27666

Published: 11 Mar 2022
Source: redhat
CVSS3: 7.8
EPSS: Low

Description

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

Mitigation

The given exploit needs CAP_NET_ADMIN to set up IPsec SA and a user namespace is used to get that capability, so disabling unprivileged user namespaces gives some protection.

On non-containerized deployments of Red Hat Enterprise Linux 8, you can disable user namespaces by setting user.max_user_namespaces to 0:

    # echo "user.max_user_namespaces=0" > /etc/sysctl.d/userns.conf
    # sysctl -p /etc/sysctl.d/userns.conf

On containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation, because user namespaces need to remain enabled there.

Note: If the target system is already using IPsec and has SA configured, then no additional privileges are needed to exploit the issue.
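The following check is an added example, not part of the Red Hat advisory: it combines the two conditions above (the user.max_user_namespaces value and whether any IPsec SA is configured) into one result. The function names and result labels are hypothetical; `ip xfrm state` needs root to list SAs.

```shell
#!/bin/sh
# Added example (not Red Hat's code): does the user-namespace mitigation
# described above actually protect this host?

# Print user.max_user_namespaces, or "unknown" if the file cannot be read.
read_max_userns() {
    f="${1:-/proc/sys/user/max_user_namespaces}"
    if [ -r "$f" ]; then tr -d '[:space:]' < "$f"; else printf 'unknown'; fi
}

# Count SAs in `ip xfrm state` output read from stdin.
# Each SA entry starts with a line of the form "src <addr> dst <addr>".
count_sas() {
    grep -c '^src ' || true
}

# assess MAX_USERNS SA_COUNT
# Prints one of: sa-present | mitigated | userns-enabled | unknown
assess() {
    max="$1"; sas="$2"
    case "$sas" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    # Per the advisory's note: with an SA already configured, no extra
    # privilege is needed, so disabling user namespaces does not help.
    if [ "$sas" -gt 0 ]; then echo sa-present; return 0; fi
    case "$max" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    if [ "$max" -eq 0 ]; then echo mitigated; else echo userns-enabled; fi
}

main() {
    max=$(read_max_userns)
    if sas_out=$(ip xfrm state 2>/dev/null); then
        sas=$(printf '%s\n' "$sas_out" | count_sas)
    else
        sas=unknown   # ip missing, or not permitted to list SAs
    fi
    echo "max_user_namespaces=$max ipsec_sa_count=$sas result=$(assess "$max" "$sas")"
}

# Run the live check only when asked: sh check.sh --check
if [ "${1:-}" = "--check" ]; then main; fi
```

A result of sa-present or userns-enabled means the host relies on the fixed kernel packages rather than on the mitigation.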

Affected packages

| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | | |
| Red Hat Enterprise Linux 7 | kernel | Not affected | | |
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | | |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2022:5344 | 28.06.2022 |
| Red Hat Enterprise Linux 8 | kpatch-patch | Fixed | RHSA-2022:5219 | 28.06.2022 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2022:5316 | 30.06.2022 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | kernel | Fixed | RHSA-2022:4924 | 07.06.2022 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | kpatch-patch | Fixed | RHSA-2022:4942 | 08.06.2022 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | kernel-rt | Fixed | RHSA-2022:5224 | 28.06.2022 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | kernel | Fixed | RHSA-2022:5220 | 28.06.2022 |

Additional information

Status: Important
Defect: CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=2061633 kernel: buffer overflow in IPsec ESP transformation code

EPSS

Percentile: 72%
0.00735
Low

7.8 High

CVSS3

Related vulnerabilities

CVSS3: 7.8
ubuntu
about 3 years ago

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

CVSS3: 7.8
nvd
about 3 years ago

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

CVSS3: 7.8
msrc
about 3 years ago

No description

CVSS3: 7.8
debian
about 3 years ago

A heap buffer overflow flaw was found in IPsec ESP transformation code ...

suse-cvrf
about 3 years ago

Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP4)
