PT-2022-3912 · Linux+3 · Linux Kernel+3

Sick Codes · Published 2022-07-01 · Updated 2023-08-14 · CVE-2022-36123

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.18.13

Description

The issue is related to the clear_bss function in the Linux kernel and involves errors in clearing the block starting symbol (.bss) section. This can allow an attacker to cause a denial of service or gain privileges, specifically affecting Xen PV guest OS users.

Recommendations

For Linux kernel versions prior to 5.18.13, update to version 5.18.13 or later to resolve the issue. As a temporary workaround, consider restricting access to Xen PV guest OS to minimize the risk of exploitation.

Exploit

Fix

RCE


Weakness Enumeration

Related Identifiers

ALT-PU-2022-2290
ALT-PU-2022-2339
ALT-PU-2022-2915
ALT-PU-2022-2919
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-10451
BDU:2022-04725
CVE-2022-36123
MGASA-2022-0278
MGASA-2022-0279
OESA-2022-1844
OESA-2022-1845
OESA-2022-1846

Affected Products

Alt Linux
Astra Linux
Linux Kernel
Red Os