CVE-2022-1117

CVSS v3.1

8.4

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions fapolicyd (affected versions not specified)

Description A vulnerability was found due to an assumption on how glibc names the runtime linker. A build time regular expression may not correctly detect the runtime linker, causing pattern detection for applications launched by the runtime linker to fail and allow execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Files Accessible to External Parties

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-552

Related Identifiers

ALSA-2022:1898

AZL-10863

CESA-2022_1898

CVE-2022-1117

RHSA-2022:1898

RHSA-2022:4824

RHSA-2022_1898

RLSA-2022:1898

Affected Products

Almalinux

Centos

Red Hat

Rocky Linux

Fapolicyd

CVE-2022-1117

Weakness Enumeration

Related Identifiers

Affected Products

References · 24