CVE-2022-0185
Linux Kernel Heap-Based Buffer Overflow Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
7Exploited in Wild
YesDecision
Descriptions
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.
Se ha encontrado un fallo de desbordamiento de búfer en la región heap de la memoria en la forma en que la función legacy_parse_param de la funcionalidad Filesystem Context del kernel de Linux verifica la longitud de los parámetros suministrados. Un usuario local no privilegiado (en caso de tener habilitados los espacios de nombres de usuario no privilegiado, de lo contrario necesita el privilegio CAP_SYS_ADMIN) capaz de abrir un sistema de archivos que no soporta la API Filesystem Context (y por lo tanto los fallbacks a la administración de legado) podría usar este fallo para escalar sus privilegios en el sistema
Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges.
CVSS Scores
SSVC
- Decision:Act
Timeline
- 2022-01-11 CVE Reserved
- 2022-01-19 CVE Published
- 2022-01-25 First Exploit
- 2024-08-21 Exploited in Wild
- 2024-08-22 CVE Updated
- 2024-09-11 KEV Due Date
- 2024-10-27 EPSS Updated
CWE
- CWE-190: Integer Overflow or Wraparound
- CWE-191: Integer Underflow (Wrap or Wraparound)
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20220225-0003 | Third Party Advisory |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/Crusaders-of-Rust/CVE-2022-0185 | 2024-08-22 | |
| https://github.com/chenaotian/CVE-2022-0185 | 2022-05-24 | |
| https://github.com/veritas501/CVE-2022-0185-PipeVersion | 2022-04-05 | |
| https://github.com/featherL/CVE-2022-0185-exploit | 2022-11-02 | |
| https://github.com/dcheng69/CVE-2022-0185-Case-Study | 2024-05-09 | |
| https://github.com/khaclep007/CVE-2022-0185 | 2022-01-25 | |
| https://www.willsroot.io/2022/01/cve-2022-0185.html | 2024-08-22 |
| URL | Date | SRC |
|---|---|---|
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2 | 2023-06-26 | |
| https://www.openwall.com/lists/oss-security/2022/01/18/7 | 2023-06-26 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2022-0185 | 2022-02-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2040358 | 2022-02-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netapp Search vendor "Netapp" | H410c Firmware Search vendor "Netapp" for product "H410c Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H410c Search vendor "Netapp" for product "H410c" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H300s Firmware Search vendor "Netapp" for product "H300s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H300s Search vendor "Netapp" for product "H300s" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H500s Firmware Search vendor "Netapp" for product "H500s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H500s Search vendor "Netapp" for product "H500s" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H700s Firmware Search vendor "Netapp" for product "H700s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H700s Search vendor "Netapp" for product "H700s" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H300e Firmware Search vendor "Netapp" for product "H300e Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H300e Search vendor "Netapp" for product "H300e" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H500e Firmware Search vendor "Netapp" for product "H500e Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H500e Search vendor "Netapp" for product "H500e" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H700e Firmware Search vendor "Netapp" for product "H700e Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H700e Search vendor "Netapp" for product "H700e" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H410s Firmware Search vendor "Netapp" for product "H410s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H410s Search vendor "Netapp" for product "H410s" | - | - |
Safe
|
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.1 < 5.4.173 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 5.4.173" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.10.93 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.93" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.11 < 5.15.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.15.16" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.16 < 5.16.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 5.16.2" | - |
Affected
| ||||||