CVE-2022-0330 - Improper Preservation of Permissions

Severity

78%

Complexity

18%

Confidentiality

98%

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.

CVSS 3.1 Base Score 7.8. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Linux

First reported 2 years ago

2022-03-25 19:15:00

Last updated 2 years ago

2022-12-07 17:08:00

Affected Software

Linux Kernel

Red Hat Enterprise Linux 8.0

8.0

RedHat Enterprise Linux Desktop 7.0

7.0

RedHat Enterprise Linux Server 7.0

7.0

Red Hat Enterprise Linux Advanced mission critical Update Support (AUS) 7.3

7.3

Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.4

7.4

Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.6

7.6

RedHat Enterprise Linux Workstation 7.0

7.0

References

https://www.openwall.com/lists/oss-security/2022/01/25/12

https://bugzilla.redhat.com/show_bug.cgi?id=2042404

https://www.openwall.com/lists/oss-security/2022/01/25/12

Mailing List, Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2042404

Issue Tracking, Third Party Advisory

https://security.netapp.com/advisory/ntap-20220526-0001/

https://security.netapp.com/advisory/ntap-20220526-0001/

Third Party Advisory

[oss-security] 20221130 Security sensitive bug in the i915 kernel driver (CVE-2022-4139)

[oss-security] 20221130 Security sensitive bug in the i915 kernel driver (CVE-2022-4139)

Mailing List, Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.