CVE-2022-28656 — Vulnetix

CVE-2022-28656 PUBLISHED CVSS 5.5 MEDIUM

is_closing_session() allows users to consume RAM in the Apport process

EPSS 0.04% · 11.0th percentile

Risk Scores

CVSS 3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.04%

11.0th percentile

Affected Products

Vendor	Product	Versions
canonical	ubuntu_linux	18.04, 20.04, 21.10
apport_project	apport	0
Canonical Ltd.	Apport	0

Exploit Intelligence

https://ubuntu.com/security/notices/USN-5427-1 (circl)
https://www.cve.org/CVERecord?id=CVE-2022-28656 (circl)

Timeline

Jun 4, 2024 CVE Published
Jun 6, 2024 EPSS Score
Jun 29, 2024 EPSS Score
Jul 22, 2024 EPSS Score
Aug 15, 2024 EPSS Score
Sep 7, 2024 EPSS Score
Sep 30, 2024 EPSS Score
Oct 23, 2024 EPSS Score
Nov 15, 2024 EPSS Score
Dec 10, 2024 EPSS Score
Jan 2, 2025 EPSS Score
Jan 25, 2025 EPSS Score

References

https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28656 issue
https://nvd.nist.gov/vuln/detail/CVE-2022-28656 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›