CVE-2022-28655 — Vulnetix

CVE-2022-28655 PUBLISHED CVSS 7.099999904632568 HIGH

is_closing_session() allows users to create arbitrary tcp dbus connections

EPSS 0.04% · 11.1th percentile

Risk Scores

CVSS 3.1

7.099999904632568

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

EPSS Score

0.04%

11.1th percentile

Affected Products

Vendor	Product	Versions
Canonical Ltd.	Apport	0
apport_project	apport	0
canonical	ubuntu_linux	18.04, 21.10, 22.04

Exploit Intelligence

https://ubuntu.com/security/notices/USN-5427-1 (circl)
https://www.cve.org/CVERecord?id=CVE-2022-28655 (circl)

Timeline

Jun 4, 2024 CVE Published
Jun 6, 2024 EPSS Score
Jun 29, 2024 EPSS Score
Jul 22, 2024 EPSS Score
Aug 15, 2024 EPSS Score
Sep 7, 2024 EPSS Score
Sep 30, 2024 EPSS Score
Oct 23, 2024 EPSS Score
Oct 27, 2024 CVE Updated
Nov 15, 2024 EPSS Score
Dec 10, 2024 EPSS Score
Jan 2, 2025 EPSS Score

References

https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28655 issue
https://nvd.nist.gov/vuln/detail/CVE-2022-28655 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›