PT-2022-9252 · Linux · Linux Kernel
Published
2022-05-03
·
Updated
2022-05-11
·
CVE-2021-22556
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 4.1
Description
The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace.
Recommendations
For Linux kernel versions prior to 4.1, upgrade to kernel version 4.1 or beyond to resolve the issue.
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel