fkie_cve-2022-48832
Vulnerability from fkie_nvd
Published
2024-07-16 12:15
Modified
2024-11-21 07:34
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
audit: don't deref the syscall args when checking the openat2 open_how::flags
As reported by Jeff, dereferencing the openat2 syscall argument in
audit_match_perm() to obtain the open_how::flags can result in an
oops/page-fault. This patch fixes this by using the open_how struct
that we store in the audit_context with audit_openat2_how().
Independent of this patch, Richard Guy Briggs posted a similar patch
to the audit mailing list roughly 40 minutes after this patch was
posted.
References
Impacted products
| Vendor | Product | Version |
|---|
{ cveTags: [], descriptions: [ { lang: "en", value: "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: don't deref the syscall args when checking the openat2 open_how::flags\n\nAs reported by Jeff, dereferencing the openat2 syscall argument in\naudit_match_perm() to obtain the open_how::flags can result in an\noops/page-fault. This patch fixes this by using the open_how struct\nthat we store in the audit_context with audit_openat2_how().\n\nIndependent of this patch, Richard Guy Briggs posted a similar patch\nto the audit mailing list roughly 40 minutes after this patch was\nposted.", }, { lang: "es", value: "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: auditoría: no desreferenciar los argumentos de syscall al verificar openat2 open_how::flags Según lo informado por Jeff, desreferenciar el argumento de openat2 syscall en audit_match_perm() para obtener open_how::flags puede resultar en un error de página/ups. Este parche soluciona este problema utilizando la estructura open_how que almacenamos en audit_context con audit_openat2_how(). Independientemente de este parche, Richard Guy Briggs publicó un parche similar en la lista de correo de auditoría aproximadamente 40 minutos después de la publicación de este parche.", }, ], id: "CVE-2022-48832", lastModified: "2024-11-21T07:34:10.327", metrics: {}, published: "2024-07-16T12:15:06.750", references: [ { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", url: "https://git.kernel.org/stable/c/310c9ddfdf1f8d3c9834f02175eae79c8b254b6c", }, { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", url: "https://git.kernel.org/stable/c/7a82f89de92aac5a244d3735b2bd162c1147620c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.kernel.org/stable/c/310c9ddfdf1f8d3c9834f02175eae79c8b254b6c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.kernel.org/stable/c/7a82f89de92aac5a244d3735b2bd162c1147620c", }, ], sourceIdentifier: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", vulnStatus: "Awaiting Analysis", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.