PT-2022-2824 · Linux+2 · Linux Kernel+2

Luo Likang

Published

2021-12-23

Updated

2023-08-14

CVE-2022-0998

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to an integer overflow flaw in the Linux kernel's virtio device driver code, specifically in the way a user triggers the vhost vdpa config validate() function. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALT-PU-2021-3610

ALT-PU-2021-3611

ALT-PU-2021-3636

ALT-PU-2021-3644

ALT-PU-2021-3660

ALT-PU-2022-1012

ALT-PU-2022-1015

ALT-PU-2022-1016

ALT-PU-2022-1017

ALT-PU-2022-1057

ALT-PU-2022-1419

ALT-PU-2022-1421

ALT-PU-2022-1428

ALT-PU-2022-1467

ALT-PU-2023-4894

AZL-9242

BDU:2022-03368

CVE-2022-0998

Affected Products

Alt Linux

Astra Linux

Linux Kernel

PT-2022-2824 · Linux+2 · Linux Kernel+2

CVE-2022-0998

Weakness Enumeration

Related Identifiers

Affected Products

References · 19