VDB
CVE-2022-1280
CVE-2022-1280
PUBLISHED
Es existiert eine Schwachstelle im Linux Kernel. Dabei handelt es sich um ein use-after-free Problem. Freigegebener Speicher wird parallel von drm_setmaster_ioctl und drm_mode_getresources genutzt. Ein Angreifer kann diese Schwachstelle ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
EPSS 0.02% · 5.8th percentile
Risk Scores
EPSS Score
0.02%
5.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM Spectrum Protect plus 10.1 | |
| Oracle | Oracle Linux | |
| SUSE | SUSE Linux | |
| Red Hat | Red Hat Enterprise Linux |
Exploit Intelligence
- Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
- Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
- Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
- Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
- Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
- CIRCL seen: CVE-2022-30594 (circl-sighting)
- http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html (circl)
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3 (circl)
- https://bugs.chromium.org/p/project-zero/issues/detail?id=2276 (circl)
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2 (circl)
…and 225 more exploits
Timeline
- Jun 28, 2021 PoC Published
- Dec 11, 2021 PoC Published
- Dec 13, 2021 PoC Published
- Apr 12, 2022 CVE Published
- Apr 14, 2022 EPSS Score
- Jun 3, 2022 EPSS Score
- Jun 7, 2022 PoC Published
- Jul 24, 2022 EPSS Score
- Sep 13, 2022 EPSS Score
- Sep 16, 2022 PoC Published
- Nov 2, 2022 EPSS Score
- Dec 22, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0574.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0574 advisory
- https://www.ibm.com/support/pages/node/7005589 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/011035.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/011033.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/011024.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/011019.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/011018.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/011165.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/011163.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/011117.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/011134.html advisory
- https://seclists.org/oss-sec/2022/q2/39 advisory
- https://seclists.org/oss-sec/2022/q2/35 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-May/010994.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-July/011401.html advisory
- https://linux.oracle.com/errata/ELSA-2022-9829.html advisory
- https://linux.oracle.com/errata/ELSA-2022-9828.html advisory
- https://www.oracle.com/security-alerts/linuxbulletinoct2022.html advisory
- https://access.redhat.com/errata/RHSA-2022:8267 advisory
…and 2 more