PT-2022-2675 · Linux+10 · Linux Kernel+10

Norbert Slusarek

·

Published

2022-05-20

·

Updated

2024-06-15

·

CVE-2022-1729

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions 4.0-rc1 through 5.4.193+
Description A race condition was found in the Linux kernel's perf event open() function, which can be exploited by an unprivileged user to gain root privileges. The bug allows for the creation of several exploit primitives, such as kernel address information leak and arbitrary execution. This issue is caused by a use-after-free condition in the perf subsystem, which can be used to initiate access to already freed kernel memory.
Recommendations For Linux kernel versions 4.0-rc1 through 5.4.193+, consider upgrading to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-366CWE-362CWE-416

Related Identifiers

ALSA-2022:5249
ALSA-2022:5267
ALSA-2022:5564
ALSA-2022:5565
ALT-PU-2022-2069
ALT-PU-2023-4894
BDU:2022-03164
CESA-2022_5232
CESA-2022_5564
CESA-2022_5565
CVE-2022-1729
DLA-3065-1
DSA-5161-1
DSA-5173-1
MGASA-2022-0212
MGASA-2022-0213
OESA-2022-1705
OESA-2022-1880
OESA-2022-1881
OPENSUSE-SU-2022:2177-1
OPENSUSE-SU-2022_2078-1
OPENSUSE-SU-2022_2079-1
OPENSUSE-SU-2022_2111-1
OPENSUSE-SU-2022_2520-1
OPENSUSE-SU-2022_2615-1
OPENSUSE-SU-2024:12120-1
OPENSUSE-SU-2024:13704-1
RHSA-2022:5157
RHSA-2022:5220
RHSA-2022:5224
RHSA-2022:5232
RHSA-2022:5236
RHSA-2022:5249
RHSA-2022:5267
RHSA-2022:5564
RHSA-2022:5565
RHSA-2022:5626
RHSA-2022:5633
RHSA-2022:5636
RHSA-2022:5806
RHSA-2022:6432
RHSA-2022:6741
RHSA-2022_5232
RHSA-2022_5236
RHSA-2022_5249
RHSA-2022_5267
RHSA-2022_5564
RHSA-2022_5565
RLSA-2022:5564
RLSA-2022:5565
SUSE-SU-2022:2077-1
SUSE-SU-2022:2078-1
SUSE-SU-2022:2079-1
SUSE-SU-2022:2080-1
SUSE-SU-2022:2082-1
SUSE-SU-2022:2103-1
SUSE-SU-2022:2104-1
SUSE-SU-2022:2111-1
SUSE-SU-2022:2116-1
SUSE-SU-2022:2177-1
SUSE-SU-2022:2393-1
SUSE-SU-2022:2438-1
SUSE-SU-2022:2444-1
SUSE-SU-2022:2445-1
SUSE-SU-2022:2446-1
SUSE-SU-2022:2461-1
SUSE-SU-2022:2482-1
SUSE-SU-2022:2520-1
SUSE-SU-2022:2615-1
SUSE-SU-2022:2629-1
SUSE-SU-2022_2461-1
SUSE-SU-2022_2482-1
USN-5560-1
USN-5560-2
USN-5594-1
USN-5599-1
USN-5602-1
USN-5616-1
USN-5622-1
USN-5623-1
USN-5630-1
USN-5639-1
USN-5647-1
USN-5650-1
USN-5654-1
USN-5660-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu