CVE-2022-2977
SUSE Security Advisory - SUSE-SU-2022:3264-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system.
Se ha encontrado un fallo en la implementación del kernel de Linux de los dispositivos TPM virtualizados proxy. En un sistema donde los dispositivos TPM virtualizados están configurados (esto no es lo predeterminado) un atacante local puede crear un uso de memoria previamente liberada y crear una situación donde puede ser posible escalar privilegios en el sistema
An update that solves 25 vulnerabilities, contains four features and has 91 fixes is now available. The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bug fixes.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-08-24 CVE Reserved
- 2022-09-14 CVE Published
- 2024-08-03 CVE Updated
- 2025-07-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20230214-0006 |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9d8e7007dc7c4d7c8366739bbcd3f5e51dcd470f | 2023-02-14 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.12 < 4.14.276 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 4.14.276" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.15 < 4.19.238 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 4.19.238" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.4.189 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.189" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.10.110 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.110" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.11 < 5.15.33 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.15.33" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.16 < 5.16.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 5.16.19" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.17 < 5.17.1 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.17 < 5.17.1" | - |
Affected
| ||||||