PT-2022-2644 · Linux+5 · Linux Kernel+5

Bing-Jhong Billy Jheng

Published

2021-04-09

Updated

2022-10-19

CVE-2022-1116

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to 5.4.189

Description The issue is related to an integer overflow in the io uring interface of the Linux Kernel, which can be exploited by a local attacker to cause memory corruption and escalate privileges to the root level.

Recommendations For Linux Kernel versions prior to 5.4.189, update to version 5.4.189 or later to resolve the issue.

Exploit

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALT-PU-2021-1621

ALT-PU-2021-1656

ALT-PU-2021-1739

ALT-PU-2021-1862

ALT-PU-2021-1866

ALT-PU-2022-1713

BDU:2022-03104

CVE-2022-1116

LSN-0086-1

OPENSUSE-SU-2022_2741-1

OPENSUSE-SU-2022_2875-1

SUSE-SU-2022:2214-1

SUSE-SU-2022:2216-1

SUSE-SU-2022:2230-1

SUSE-SU-2022:2237-1

SUSE-SU-2022:2239-1

SUSE-SU-2022:2245-1

SUSE-SU-2022:2262-1

SUSE-SU-2022:2516-1

SUSE-SU-2022:2741-1

SUSE-SU-2022:2761-1

SUSE-SU-2022:2809-1

SUSE-SU-2022:2875-1

SUSE-SU-2022:2875-2

SUSE-SU-2022:2892-1

SUSE-SU-2022:2892-2

SUSE-SU-2022:3080-1

SUSE-SU-2022:3088-1

SUSE-SU-2022_3080-1

USN-5442-1

USN-5442-2

Affected Products

Alt Linux

Astra Linux

Linux Kernel

Linuxmint

Suse

Ubuntu

PT-2022-2644 · Linux+5 · Linux Kernel+5

CVE-2022-1116

Weakness Enumeration

Related Identifiers

Affected Products

References · 191