PT-2022-7186 · Linux+6 · Linux Kernel+6

Alex

Published

2022-05-07

Updated

2023-05-16

CVE-2022-1882

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free flaw was found in the Linux kernel's pipes functionality. This issue arises from the manipulation of the pipe after the free pipe info() function has been called, specifically with the post one notification() function. The flaw allows a local user to crash or potentially escalate their privileges on the system. Exploitation of this flaw may enable an attacker to gain elevated privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2023:2148

ALSA-2023:2458

ALT-PU-2022-2319

ALT-PU-2022-2320

ALT-PU-2022-2339

ALT-PU-2022-2361

ALT-PU-2022-2362

ALT-PU-2022-2370

ALT-PU-2022-2407

ALT-PU-2022-2445

ALT-PU-2022-2633

ALT-PU-2022-2635

ALT-PU-2022-2682

ALT-PU-2022-2692

ALT-PU-2022-2915

ALT-PU-2022-2919

ALT-PU-2022-2957

AZL-10105

BDU:2023-08897

CVE-2022-1882

OPENSUSE-SU-2022_3998-1

OPENSUSE-SU-2022_4072-1

OPENSUSE-SU-2022_4617-1

RHSA-2023:2148

RHSA-2023:2458

RHSA-2023_2148

RHSA-2023_2458

SUSE-SU-2022:3998-1

SUSE-SU-2022:4035-1

SUSE-SU-2022:4039-1

SUSE-SU-2022:4072-1

SUSE-SU-2022:4113-1

SUSE-SU-2022:4617-1

USN-5667-1

USN-5683-1

USN-5703-1

Affected Products

Alt Linux

Almalinux

Linuxmint

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2022-7186 · Linux+6 · Linux Kernel+6

CVE-2022-1882

Weakness Enumeration

Related Identifiers

Affected Products

References · 586