CVE-2022-1198
Ubuntu Security Notice USN-5469-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
Se ha detectado una vulnerabilidad de uso de memoria previamente liberada en el archivo drivers/net/hamradio/6pack.c de linux que permite a un atacante bloquear el kernel de linux al simular el dispositivo ax25 mediante el controlador 6pack desde el espacio de usuario
It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-03-31 CVE Reserved
- 2022-05-28 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2025-03-29 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-416: Use After Free
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2022-1198 | Third Party Advisory | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2070689 | Issue Tracking |
| URL | Date | SRC |
|---|---|---|
| https://github.com/torvalds/linux/commit/efe4186e6a1b54bf38b9e05450d43b0da1fd7739 | 2024-08-02 | |
| https://www.openwall.com/lists/oss-security/2022/04/02/3 | 2024-08-02 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 5.17 Search vendor "Linux" for product "Linux Kernel" and version " < 5.17" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17" | rc1 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17" | rc2 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17" | rc3 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17" | rc4 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17" | rc5 |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0" | - |
Affected
| ||||||