PT-2022-7358 · Linux+7 · Linux Kernel+7

Published

2022-01-10

·

Updated

2024-07-10

·

CVE-2022-2938

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the psi trigger poll() function in the kernel/sched/psi.c module of the Linux kernel's Pressure Stall Information (PSI) system. It involves the reuse of previously freed memory, which could allow an attacker to impact the confidentiality, integrity, and availability of protected information. The flaw could enable an attacker to crash the system or cause other memory-corruption side effects.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2022:7444
ALSA-2022:7683
ALT-PU-2022-1197
ALT-PU-2022-1221
ALT-PU-2022-1239
ALT-PU-2022-1289
ALT-PU-2022-1297
ALT-PU-2022-1298
ALT-PU-2022-1300
ALT-PU-2022-1301
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2022-1428
ALT-PU-2022-1432
ALT-PU-2022-1441
ALT-PU-2022-1467
ALT-PU-2022-1540
ALT-PU-2023-4894
AZL-10678
BDU:2024-04159
CESA-2022_7444
CESA-2022_7683
CVE-2022-2938
OESA-2022-1910
OPENSUSE-SU-2022_3288-1
OPENSUSE-SU-2022_3293-1
OPENSUSE-SU-2022_4617-1
OPENSUSE-SU-2024_2362-1
RHSA-2022:7444
RHSA-2022:7683
RHSA-2022_7444
RHSA-2022_7683
RHSA-2024:1188
RLSA-2022:7444
RLSA-2022:7683
SUSE-SU-2022:3288-1
SUSE-SU-2022:3293-1
SUSE-SU-2022:4617-1
SUSE-SU-2024:2362-1
SUSE-SU-2024:2365-1
SUSE-SU-2024:2384-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Rocky Linux
Suse