PT-2022-1465 · Vmware+9 · Vmwgfx Driver+9

Mathias Krause

·

Published

2022-01-25

·

Updated

2024-07-18

·

CVE-2022-22942

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions vmwgfx driver (affected versions not specified)
Description The issue is related to a local privilege escalation vulnerability in the vmwgfx driver. This vulnerability allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer. The vulnerability is also associated with the use of memory after it has been freed, specifically in the vmw execbuf copy fence user() function. This can be exploited by an attacker to elevate their privileges.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

LPE

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2022:0825
ALT-PU-2022-1587
BDU:2022-00607
CESA-2022_0620
CESA-2022_0819
CESA-2022_0825
CESA-2022_0849
CVE-2022-22942
DLA-2941-1
DSA-5092-1
DSA-5096-1
MGASA-2022-0041
MGASA-2022-0042
OESA-2022-1517
OPENSUSE-SU-2022:0363-1
OPENSUSE-SU-2022:0370-1
OPENSUSE-SU-2022_0363-1
OPENSUSE-SU-2022_0370-1
OPENSUSE-SU-2022_2111-1
OPENSUSE-SU-2024:11796-1
OPENSUSE-SU-2024:13704-1
OPENSUSE-SU-2024_2362-1
RHSA-2022:0592
RHSA-2022:0620
RHSA-2022:0622
RHSA-2022:0771
RHSA-2022:0772
RHSA-2022:0777
RHSA-2022:0819
RHSA-2022:0820
RHSA-2022:0821
RHSA-2022:0823
RHSA-2022:0825
RHSA-2022:0841
RHSA-2022:0849
RHSA-2022:0851
RHSA-2022:0925
RHSA-2022:0958
RHSA-2022:1103
RHSA-2022:1107
RHSA-2022:1263
RHSA-2022:1324
RHSA-2022:1373
RHSA-2022_0620
RHSA-2022_0622
RHSA-2022_0819
RHSA-2022_0825
RLSA-2022:0819
RLSA-2022:0825
SUSE-SU-2022:0363-1
SUSE-SU-2022:0364-1
SUSE-SU-2022:0365-1
SUSE-SU-2022:0370-1
SUSE-SU-2022:0372-1
SUSE-SU-2022:0543-1
SUSE-SU-2022:0544-1
SUSE-SU-2022:0555-1
SUSE-SU-2022:1172-1
SUSE-SU-2022:1189-1
SUSE-SU-2022:1193-1
SUSE-SU-2022:1194-1
SUSE-SU-2022:1212-1
SUSE-SU-2022:1223-1
SUSE-SU-2022:1242-1
SUSE-SU-2022:1246-1
SUSE-SU-2022:1278-1
SUSE-SU-2022:1593-1
SUSE-SU-2022:2111-1
SUSE-SU-2022_1593-1
SUSE-SU-2024:2360-1
SUSE-SU-2024:2362-1
SUSE-SU-2024:2365-1
SUSE-SU-2024:2561-1
USN-5278-1
USN-5294-1
USN-5294-2
USN-5295-1
USN-5295-2
USN-5297-1
USN-5298-1
USN-5362-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu
Vmwgfx Driver