Vulnerability CVE-2022-1419

Vulnerability Name:

CVE-2022-1419 (CCN-224931)

Assigned:

2022-04-21

Published:

2022-04-21

Updated:

2022-12-09

Summary:

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.1 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

6.7 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
6.1 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): High User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2022-1419

Source: secalert@redhat.com
Type: Issue Tracking, Third Party Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
linux-kernel-cve20221419-code-exec(224931)

Source: CCN
Type: oss-sec Mailing List, Thu, 21 Apr 2022 23:44:54 +0800
CVE-2022-1419: Linux kernel: A concurrency use-after-free in vgem_gem_dumb_create

Source: CCN
Type: oss-sec Mailing List, Thu, 21 Apr 2022 19:35:46 +0200
Re: CVE-2022-1419: Linux kernel: A concurrency use-after-free in vgem_gem_dumb_create

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: Linux Kernel Web site
The Linux Kernel Archives

Vulnerable Configuration:

Configuration CCN 1:

cpe:/o:linux:linux_kernel:4.19:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:4674	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP5) (Important)	2022-08-11
oval:org.opensuse.security:def:4675	P	Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP5) (Important)	2022-08-11
oval:org.opensuse.security:def:4676	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2022-08-11
oval:org.opensuse.security:def:4673	P	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP5) (Important)	2022-08-11
oval:org.opensuse.security:def:4669	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5) (Important)	2022-08-10
oval:org.opensuse.security:def:4666	P	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP5) (Important)	2022-08-10
oval:org.opensuse.security:def:4672	P	Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP5) (Important)	2022-08-10
oval:org.opensuse.security:def:4667	P	Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP5) (Important)	2022-08-10
oval:org.opensuse.security:def:4668	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP5) (Important)	2022-08-10
oval:org.opensuse.security:def:125385	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP4) (Important)	2022-08-09
oval:org.opensuse.security:def:125386	P	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP4) (Important)	2022-08-09
oval:org.opensuse.security:def:125387	P	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP4) (Important)	2022-08-09
oval:org.opensuse.security:def:125384	P	Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP4) (Important)	2022-08-08
oval:org.opensuse.security:def:531	P	Security update for the Linux Kernel (Important)	2022-06-17
oval:org.opensuse.security:def:126898	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:125112	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:127295	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:125369	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:125732	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:4604	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:1760	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:890	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:5241	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:42381	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:1559	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:1803	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:1168	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:42383	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:1596	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:42282	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:1234	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:6039	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:4295	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:1750	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:481	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:4734	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:42284	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:1350	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:6331	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:6034	P	Security update for the Linux Kernel (Important)	2022-05-12

BACK