Vulnerability Details CVE-2022-24122
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.9
References
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f9d87929d451d3e649699d0f1d74f71f77ad38f5
- https://github.com/torvalds/linux/commit/f9d87929d451d3e649699d0f1d74f71f77ad38f5
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSR3AI2IQGRKZCHNKF6S25JGDKUEAWWL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VVSZKUJAZ2VN6LJ35J2B6YD6BOPQTU3B/
- https://security.netapp.com/advisory/ntap-20220221-0001/
- https://www.openwall.com/lists/oss-security/2022/01/29/1
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f9d87929d451d3e649699d0f1d74f71f77ad38f5
- https://github.com/torvalds/linux/commit/f9d87929d451d3e649699d0f1d74f71f77ad38f5
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSR3AI2IQGRKZCHNKF6S25JGDKUEAWWL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VVSZKUJAZ2VN6LJ35J2B6YD6BOPQTU3B/
- https://security.netapp.com/advisory/ntap-20220221-0001/
- https://www.openwall.com/lists/oss-security/2022/01/29/1
Products affected by CVE-2022-24122
-
cpe:2.3:h:netapp:h300e:-
-
cpe:2.3:h:netapp:h300s:-
-
cpe:2.3:h:netapp:h410c:-
-
cpe:2.3:h:netapp:h410s:-
-
cpe:2.3:h:netapp:h500e:-
-
cpe:2.3:h:netapp:h500s:-
-
cpe:2.3:h:netapp:h700e:-
-
cpe:2.3:h:netapp:h700s:-
-
cpe:2.3:o:fedoraproject:fedora:34
-
cpe:2.3:o:fedoraproject:fedora:35
-
cpe:2.3:o:linux:linux_kernel:5.14
-
cpe:2.3:o:linux:linux_kernel:5.14.1
-
cpe:2.3:o:linux:linux_kernel:5.14.10
-
cpe:2.3:o:linux:linux_kernel:5.14.11
-
cpe:2.3:o:linux:linux_kernel:5.14.12
-
cpe:2.3:o:linux:linux_kernel:5.14.13
-
cpe:2.3:o:linux:linux_kernel:5.14.14
-
cpe:2.3:o:linux:linux_kernel:5.14.15
-
cpe:2.3:o:linux:linux_kernel:5.14.16
-
cpe:2.3:o:linux:linux_kernel:5.14.17
-
cpe:2.3:o:linux:linux_kernel:5.14.18
-
cpe:2.3:o:linux:linux_kernel:5.14.19
-
cpe:2.3:o:linux:linux_kernel:5.14.2
-
cpe:2.3:o:linux:linux_kernel:5.14.20
-
cpe:2.3:o:linux:linux_kernel:5.14.21
-
cpe:2.3:o:linux:linux_kernel:5.14.3
-
cpe:2.3:o:linux:linux_kernel:5.14.4
-
cpe:2.3:o:linux:linux_kernel:5.14.5
-
cpe:2.3:o:linux:linux_kernel:5.14.6
-
cpe:2.3:o:linux:linux_kernel:5.14.7
-
cpe:2.3:o:linux:linux_kernel:5.14.8
-
cpe:2.3:o:linux:linux_kernel:5.14.9
-
cpe:2.3:o:linux:linux_kernel:5.15
-
cpe:2.3:o:linux:linux_kernel:5.15.0
-
cpe:2.3:o:linux:linux_kernel:5.15.0-58
-
cpe:2.3:o:linux:linux_kernel:5.15.1
-
cpe:2.3:o:linux:linux_kernel:5.15.10
-
cpe:2.3:o:linux:linux_kernel:5.15.11
-
cpe:2.3:o:linux:linux_kernel:5.15.12
-
cpe:2.3:o:linux:linux_kernel:5.15.13
-
cpe:2.3:o:linux:linux_kernel:5.15.14
-
cpe:2.3:o:linux:linux_kernel:5.15.15
-
cpe:2.3:o:linux:linux_kernel:5.15.16
-
cpe:2.3:o:linux:linux_kernel:5.15.17
-
cpe:2.3:o:linux:linux_kernel:5.15.18
-
cpe:2.3:o:linux:linux_kernel:5.15.2
-
cpe:2.3:o:linux:linux_kernel:5.15.3
-
cpe:2.3:o:linux:linux_kernel:5.15.4
-
cpe:2.3:o:linux:linux_kernel:5.15.5
-
cpe:2.3:o:linux:linux_kernel:5.15.6
-
cpe:2.3:o:linux:linux_kernel:5.15.7
-
cpe:2.3:o:linux:linux_kernel:5.15.8
-
cpe:2.3:o:linux:linux_kernel:5.15.9
-
cpe:2.3:o:linux:linux_kernel:5.16
-
cpe:2.3:o:linux:linux_kernel:5.16.0
-
cpe:2.3:o:linux:linux_kernel:5.16.1
-
cpe:2.3:o:linux:linux_kernel:5.16.2
-
cpe:2.3:o:linux:linux_kernel:5.16.3
-
cpe:2.3:o:linux:linux_kernel:5.16.4
-
cpe:2.3:o:netapp:h300e_firmware:-
-
cpe:2.3:o:netapp:h300s_firmware:-
-
cpe:2.3:o:netapp:h410c_firmware:-
-
cpe:2.3:o:netapp:h410s_firmware:-
-
cpe:2.3:o:netapp:h500e_firmware:-
-
cpe:2.3:o:netapp:h500s_firmware:-
-
cpe:2.3:o:netapp:h700e_firmware:-
-
cpe:2.3:o:netapp:h700s_firmware:-