PT-2022-4331 · Linux+4 · Linux Kernel+4

Published

2022-05-01

·

Updated

2023-06-27

·

CVE-2022-1974

CVSS v2.0

7.7

High

VectorAV:A/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This issue allows a local attacker with CAP NET ADMIN privilege to leak kernel information. The vulnerability may also allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Time Of Check To Time Of Use

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-367CWE-416

Related Identifiers

BDU:2022-05190
CVE-2022-1974
DLA-3065-1
DSA-5161-1
DSA-5173-1
OESA-2022-1714
OPENSUSE-SU-2022:2173-1
OPENSUSE-SU-2022:2177-1
OPENSUSE-SU-2022_2111-1
OPENSUSE-SU-2022_2172-1
OPENSUSE-SU-2022_2173-1
OPENSUSE-SU-2022_2520-1
OPENSUSE-SU-2022_2615-1
SUSE-SU-2022:2077-1
SUSE-SU-2022:2080-1
SUSE-SU-2022:2082-1
SUSE-SU-2022:2103-1
SUSE-SU-2022:2104-1
SUSE-SU-2022:2111-1
SUSE-SU-2022:2116-1
SUSE-SU-2022:2172-1
SUSE-SU-2022:2173-1
SUSE-SU-2022:2177-1
SUSE-SU-2022:2393-1
SUSE-SU-2022:2520-1
SUSE-SU-2022:2615-1
SUSE-SU-2022:2629-1
USN-5518-1
USN-5560-1
USN-5560-2
USN-5562-1
USN-5564-1
USN-5582-1
USN-6001-1
USN-6013-1
USN-6014-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu