CVE-2022-28658 — Vulnetix

CVE-2022-28658 PUBLISHED CVSS 5.5 MEDIUM

Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing

EPSS 0.04% · 11.6th percentile

Risk Scores

CVSS 3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS Score

0.04%

11.6th percentile

Affected Products

Vendor	Product	Versions
apport_project	apport	0
canonical	ubuntu_linux	18.04, 20.04, 22.04
Canonical Ltd.	Apport	0

Exploit Intelligence

https://ubuntu.com/security/notices/USN-5427-1 (circl)
https://www.cve.org/CVERecord?id=CVE-2022-28658 (circl)

Timeline

Jun 4, 2024 CVE Published
Jun 6, 2024 EPSS Score
Jun 29, 2024 EPSS Score
Jul 22, 2024 EPSS Score
Aug 15, 2024 EPSS Score
Sep 7, 2024 EPSS Score
Sep 30, 2024 EPSS Score
Oct 23, 2024 EPSS Score
Oct 27, 2024 CVE Updated
Nov 15, 2024 EPSS Score
Dec 10, 2024 EPSS Score
Jan 2, 2025 EPSS Score

References

https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28658 issue
https://nvd.nist.gov/vuln/detail/CVE-2022-28658 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›