Vulnerability CVE-2022-30594

Vulnerability Name:

CVE-2022-30594 (CCN-226017)

Assigned:

2022-03-18

Published:

2022-03-18

Updated:

2023-02-23

Summary:

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.5 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.8 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-276

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2022-30594

Source: cve@mitre.org
Type: Third Party Advisory, VDB Entry
cve@mitre.org

Source: cve@mitre.org
Type: Third Party Advisory, VDB Entry
cve@mitre.org

Source: cve@mitre.org
Type: Exploit, Mailing List, Patch, Third Party Advisory
cve@mitre.org

Source: CCN
Type: Google Security Research Issue 2276
Linux: two(?) seccomp bugs: PT_SUSPEND_SECCOMP permission bypass, ptracer death race

Source: cve@mitre.org
Type: Mailing List, Patch, Vendor Advisory
cve@mitre.org

Source: XF
Type: UNKNOWN
linux-kernel-cve202230594-sec-bypass(226017)

Source: cve@mitre.org
Type: Mailing List, Patch, Vendor Advisory
cve@mitre.org

Source: CCN
Type: Linux Kernel GIT Repository
ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE

Source: cve@mitre.org
Type: Patch, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: CCN
Type: Packet Storm Security [05-09-2022]
Linux PT_SUSPEND_SECCOMP Permission Bypass / Death Race

Source: CCN
Type: Packet Storm Security [01-03-2023]
Linux PT_SUSPEND_SECCOMP Permission Bypass / Ptracer Death Race

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Source: CCN
Type: IBM Security Bulletin 7007837 (Cloud Pak for Watson AIOps)
Multiple Vulnerabilities in CloudPak for Watson AIOPs

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:9::nfv:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:9::realtime:*:*:*:*:*

Configuration RedHat 4:

cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:*

Configuration RedHat 5:

cpe:/a:redhat:enterprise_linux:9::crb:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:9:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:9::baseos:*:*:*:*:*

Configuration CCN 1:

cpe:/o:linux:linux_kernel:4.19:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.4:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.10:-:*:*:*:*:*:*

OR cpe:/a:linux:linux_kernel:5.15:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.16:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.17:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8029	P	kernel-docs-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:8090	P	reiserfs-kmp-default-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7539	P	kernel-64kb-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-12
oval:com.redhat.rhsa:def:20230300	P	RHSA-2023:0300: kernel-rt security and bug fix update (Important)	2023-01-23
oval:com.redhat.rhsa:def:20230334	P	RHSA-2023:0334: kernel security and bug fix update (Important)	2023-01-23
oval:com.redhat.rhsa:def:20227318	P	RHSA-2022:7318: kernel security, bug fix, and enhancement update (Important)	2022-11-02
oval:com.redhat.rhsa:def:20227319	P	RHSA-2022:7319: kernel-rt security and bug fix update (Important)	2022-11-02
oval:org.opensuse.security:def:4737	P	Security update for the Linux Kernel (Important)	2022-08-02
oval:org.opensuse.security:def:627	P	Security update for the Linux Kernel (Important)	2022-08-01
oval:org.opensuse.security:def:95383	P	Security update for the Linux Kernel (Important)	2022-08-01
oval:org.opensuse.security:def:3753	P	Security update for the Linux Kernel (Important)	2022-08-01
oval:org.opensuse.security:def:95427	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:95273	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:93319	P	(Important)	2022-07-21
oval:org.opensuse.security:def:3783	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:95356	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:94051	P	(Important)	2022-07-21
oval:org.opensuse.security:def:95335	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:93477	P	(Important)	2022-07-21
oval:org.opensuse.security:def:3794	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:3643	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:94263	P	(Important)	2022-07-21
oval:org.opensuse.security:def:3726	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:95350	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:93630	P	(Important)	2022-07-21
oval:org.opensuse.security:def:3705	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:95416	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:94472	P	(Important)	2022-07-21
oval:org.opensuse.security:def:93159	P	(Important)	2022-07-21
oval:org.opensuse.security:def:93837	P	(Important)	2022-07-21
oval:org.opensuse.security:def:589	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:3720	P	Security update for the Linux Kernel (Important)	2022-07-21
oval:org.opensuse.security:def:3724	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4) (Important)	2022-07-05
oval:org.opensuse.security:def:95354	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4) (Important)	2022-07-05
oval:org.opensuse.security:def:43636	P	Security update for the Linux Kernel (Important)	2022-06-24
oval:org.opensuse.security:def:1597	P	Security update for the Linux Kernel (Important)	2022-06-24
oval:org.opensuse.security:def:42400	P	Security update for the Linux Kernel (Important)	2022-06-24
oval:org.opensuse.security:def:42304	P	Security update for the Linux Kernel (Important)	2022-06-24
oval:org.opensuse.security:def:6075	P	Security update for the Linux Kernel (Important)	2022-06-20
oval:org.opensuse.security:def:4296	P	Security update for the Linux Kernel (Important)	2022-06-20
oval:org.opensuse.security:def:6339	P	Security update for the Linux Kernel (Important)	2022-06-20
oval:org.opensuse.security:def:5277	P	Security update for the Linux Kernel (Important)	2022-06-20
oval:org.opensuse.security:def:4628	P	Security update for the Linux Kernel (Important)	2022-06-20
oval:org.opensuse.security:def:531	P	Security update for the Linux Kernel (Important)	2022-06-17
oval:org.opensuse.security:def:118927	P	Security update for the Linux Kernel (Important)	2022-06-16
oval:org.opensuse.security:def:118189	P	Security update for the Linux Kernel (Important)	2022-06-16
oval:org.opensuse.security:def:119232	P	Security update for the Linux Kernel (Important)	2022-06-16
oval:org.opensuse.security:def:118647	P	Security update for the Linux Kernel (Important)	2022-06-16
oval:org.opensuse.security:def:119422	P	Security update for the Linux Kernel (Important)	2022-06-16
oval:org.opensuse.security:def:118737	P	Security update for the Linux Kernel (Important)	2022-06-16
oval:org.opensuse.security:def:119607	P	Security update for the Linux Kernel (Important)	2022-06-16
oval:org.opensuse.security:def:1561	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:127295	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:915	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:42397	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:125369	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:125112	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:527	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:1181	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:125732	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:1752	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:1238	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:42300	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:1386	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:6070	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:126898	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:1809	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:125368	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP4) (Important)	2022-06-07
oval:org.opensuse.security:def:118188	P	Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1379	P	Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:118180	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1371	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:4625	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:4618	P	Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:1384	P	Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:118185	P	Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1376	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:118177	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1368	P	Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:4622	P	Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:1380	P	Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:118181	P	Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1372	P	Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:4626	P	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:4619	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:1385	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:118186	P	Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1377	P	Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:118178	P	Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1369	P	Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:4623	P	Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:1381	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:118183	P	Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1373	P	Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:4627	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:125367	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP4) (Important)	2022-06-06
oval:org.opensuse.security:def:4620	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:118187	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1378	P	Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:118179	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1370	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:4624	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:1382	P	Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:118184	P	Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2) (Important)	2022-06-06
oval:org.opensuse.security:def:1374	P	Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:4621	P	Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:4616	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP5) (Important)	2022-06-05
oval:org.opensuse.security:def:118175	P	Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP2) (Important)	2022-06-05
oval:org.opensuse.security:def:4617	P	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP5) (Important)	2022-06-05
oval:org.opensuse.security:def:118176	P	Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP2) (Important)	2022-06-05
oval:org.opensuse.security:def:1367	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3) (Important)	2022-06-05
oval:org.opensuse.security:def:125365	P	Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP4) (Important)	2022-06-04
oval:org.opensuse.security:def:125366	P	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP4) (Important)	2022-06-04
oval:org.opensuse.security:def:125363	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP4) (Important)	2022-06-04
oval:org.opensuse.security:def:125364	P	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP4) (Important)	2022-06-04

BACK