Exploit Report

Exploit Report

Computer Security And Bug Information

CVE-2022-3424

Last Updated: March 13, 2023
CVECVE-2022-3424
CVE Title
Published Date2023-03-06T23:15Z
Modified Date2023-03-13T18:59Z
CWE TypeCWE-416
CVSS 3.xCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
DescriptionA use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.
References
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites.
Reference URLhttps://bugzilla.redhat.com/show_bug.cgi?id=2132640
Reference DescriptionMISC https://bugzilla.redhat.com/show_bug.cgi?id=2132640
Reference URLhttps://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc
Reference DescriptionMISC https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc
Reference URLhttps://lore.kernel.org/all/[email protected]/
Reference DescriptionMISC https://lore.kernel.org/all/[email protected]/
Reference URLhttps://www.spinics.net/lists/kernel/msg4518970.html
Reference DescriptionMISC https://www.spinics.net/lists/kernel/msg4518970.html
TagsIssue Tracking Patch Third Party Advisory
Sources NIST MITRE

This site's data is aggregated programmatically and provided "as is" without any representations or warranties, express or implied. Exploit.report is not affiliated with the The MITRE Corporation, U.S. Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), or US government in any way. CVE and the CVE logo are registered trademarks of The MITRE Corporation

© 2022 Exploit.Report | Data | Contact | Privacy Policy | Articles