PT-2022-2601 · Linux+10 · Linux Kernel+10

Kyle Zeng

+1

·

Published

2022-04-15

·

Updated

2025-09-29

·

CVE-2022-29581

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to 5.18 Linux Kernel version 4.14 and later versions
Description The issue is related to an improper update of the reference count in the net/sched component of the Linux Kernel, which can be exploited by a local attacker to cause privilege escalation to the root level. This allows the attacker to gain elevated privileges.
Recommendations For Linux Kernel versions prior to 5.18, update to version 5.18 or later to resolve the issue. For Linux Kernel version 4.14 and later versions, ensure that any updates or patches related to the net/sched component are applied to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to the net/sched component until a patch is available.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-911CWE-416

Related Identifiers

ALSA-2022:7444
ALSA-2022:7683
ALSA-2022:7933
ALSA-2022:8267
ALSA-2024_2394
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2022-1797
ALT-PU-2022-1810
ALT-PU-2022-1823
ALT-PU-2022-1824
ALT-PU-2022-1826
ALT-PU-2022-1830
ALT-PU-2022-1833
ALT-PU-2022-1853
ALT-PU-2022-1873
ALT-PU-2022-1880
ALT-PU-2022-1881
ALT-PU-2022-1907
ALT-PU-2022-2052
ALT-PU-2022-2152
ALT-PU-2022-2155
ALT-PU-2022-2344
ALT-PU-2023-4894
AZL-12132
BDU:2022-03059
CESA-2022_7444
CESA-2022_7683
CVE-2022-29581
DSA-5173-1
ELSA-2022-7683
ELSA-2022-8267
LSN-0086-1
LSN-0089-1
MGASA-2022-0194
MGASA-2022-0195
OESA-2022-1691
OPENSUSE-SU-2022_2722-1
OPENSUSE-SU-2022_2741-1
OPENSUSE-SU-2022_2803-1
OPENSUSE-SU-2022_2875-1
OPENSUSE-SU-2022_3408-1
RHSA-2022:7444
RHSA-2022:7683
RHSA-2022:7933
RHSA-2022:8267
RHSA-2022_7444
RHSA-2022_7683
RHSA-2022_7933
RHSA-2022_8267
RHSA-2024:0930
RLSA-2022:7444
RLSA-2022:7683
RLSA-2022_7444
RLSA-2022_7683
SUSE-SU-2022:2722-1
SUSE-SU-2022:2741-1
SUSE-SU-2022:2803-1
SUSE-SU-2022:2875-1
SUSE-SU-2022:2875-2
SUSE-SU-2022:2892-1
SUSE-SU-2022:2892-2
SUSE-SU-2022:2910-1
SUSE-SU-2022:3265-1
SUSE-SU-2022:3282-1
SUSE-SU-2022:3350-1
SUSE-SU-2022:3359-1
SUSE-SU-2022:3366-1
SUSE-SU-2022:3368-1
SUSE-SU-2022:3369-1
SUSE-SU-2022:3370-1
SUSE-SU-2022:3377-1
SUSE-SU-2022:3407-1
SUSE-SU-2022:3408-1
SUSE-SU-2022:3412-1
SUSE-SU-2022:3432-1
SUSE-SU-2022:3433-1
SUSE-SU-2022:3445-1
SUSE-SU-2022:3450-1
SUSE-SU-2022:3463-1
SUSE-SU-2022:3464-1
SUSE-SU-2022:3465-1
SUSE-SU-2022:3476-1
SUSE-SU-2022_2803-1
SUSE-SU-2022_3359-1
SUSE-SU-2022_3366-1
SUSE-SU-2022_3368-1
SUSE-SU-2022_3369-1
SUSE-SU-2022_3370-1
SUSE-SU-2022_3377-1
SUSE-SU-2022_3407-1
SUSE-SU-2022_3412-1
SUSE-SU-2022_3432-1
SUSE-SU-2022_3433-1
SUSE-SU-2022_3445-1
SUSE-SU-2022_3463-1
SUSE-SU-2022_3464-1
SUSE-SU-2022_3465-1
SUSE-SU-2022_3476-1
USN-5442-1
USN-5442-2
USN-5443-1
USN-5443-2
USN-5444-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu