PT-2022-1414 · Linux · Linux Kernel

Mathias Krause · Published 2022-01-24 · Updated 2025-09-29 · CVE-2022-24122

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel versions 5.14 through 5.16.4

Description

A use-after-free vulnerability exists in the Linux kernel, in kernel/ucount.c, when unprivileged user namespaces are enabled. A ucounts object can outlive its namespace, potentially leading to privilege escalation. The problem is associated with the handling of rlimit restrictions in different user namespaces.

Recommendations

For Linux kernel versions 5.14 through 5.16.4, update to version 5.16.5 or 5.15.19 to resolve the issue. As a temporary workaround, consider disabling unprivileged user namespaces until the update can be applied. Restrict access to the vulnerable ucount mechanism to minimize the risk of exploitation.
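One way to triage a host against the recommendation above, as an added example that is not part of the original advisory. The function names are hypothetical, and the check assumes upstream version numbering (a distribution kernel may carry a backported fix) and the sysctls `user.max_user_namespaces` (upstream) and `kernel.unprivileged_userns_clone` (Debian/Ubuntu kernels only).

```shell
#!/bin/sh
# Added example: host triage for CVE-2022-24122 using the ranges on this page.
# Assumption: upstream version numbering. A distribution kernel may carry a
# backported fix under an older-looking version string.

# kernel_status RELEASE -> affected | not-affected | unknown
kernel_status() {
    ver=${1%%[-+]*}                       # drop suffixes such as "-generic"
    case $ver in
        ''|*[!0-9.]*) echo unknown; return ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ver                           # split "5.15.18" into 5 15 18
    IFS=$old_ifs
    major=${1:-}; minor=${2:-}; patch=${3:-0}
    if [ -z "$major" ] || [ -z "$minor" ]; then echo unknown; return; fi
    if [ "$major" -ne 5 ]; then echo not-affected; return; fi
    case $minor in
        14) limit=999999 ;;               # the page lists no fixed 5.14.x release
        15) limit=19 ;;                   # fixed in 5.15.19
        16) limit=5 ;;                    # fixed in 5.16.5
        *)  echo not-affected; return ;;
    esac
    if [ "$patch" -lt "$limit" ]; then echo affected; else echo not-affected; fi
}

# userns_status MAX CLONE -> enabled | disabled
# MAX:   value of user.max_user_namespaces (0 blocks all new user namespaces)
# CLONE: value of kernel.unprivileged_userns_clone, empty if the sysctl is absent
userns_status() {
    if [ "$1" = 0 ] || [ "$2" = 0 ]; then echo disabled; else echo enabled; fi
}

# triage RELEASE MAX CLONE -> exposed | mitigated | not-affected | unknown
triage() {
    ks=$(kernel_status "$1")
    if [ "$ks" != affected ]; then echo "$ks"; return; fi
    if [ "$(userns_status "$2" "$3")" = enabled ]; then echo exposed; else echo mitigated; fi
}

# Report for the running host; a missing sysctl file yields an empty value.
triage "$(uname -r)" \
    "$(cat /proc/sys/user/max_user_namespaces 2>/dev/null)" \
    "$(cat /proc/sys/kernel/unprivileged_userns_clone 2>/dev/null)"
```

A result of `mitigated` means only that the workaround is in place; the kernel still needs the update. Confirm an `exposed` or `not-affected` result on a distribution kernel against the vendor advisory, since the version string alone does not show backports.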

Exploit

Fix

Use After Free


Weakness Enumeration

Related Identifiers

ALSA-2025_16880
ALT-PU-2022-1197
ALT-PU-2022-1239
ALT-PU-2022-1298
ALT-PU-2022-1370
ALT-PU-2022-1441
ALT-PU-2022-1540
AZL-8451
BDU:2022-00515
CVE-2022-24122
MGASA-2022-0041
MGASA-2022-0063
USN-5278-1

Affected Products

Alt Linux
Linuxmint
Linux Kernel
Red Os
Ubuntu