CVE-2022-0646

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel versions 5.17-rc1 through 5.17-rc5

Description A flaw in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found, related to use after free. This issue can be triggered by a local user, allowing them to crash the system or escalate their privileges.

Recommendations For Linux Kernel versions 5.17-rc1 through 5.17-rc5, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-459

Related Identifiers

BDU:2024-04158

CVE-2022-0646

Affected Products

Linux Kernel

CVE-2022-0646

Weakness Enumeration

Related Identifiers

Affected Products

References · 11