CVE-2022-40476 — Vulnetix

CVE-2022-40476 PUBLISHED

Es existiert eine Schwachstelle im Linux Kernel. Diese ist auf eine Null-Zeiger-Dereferenzierung zurückzuführen, welche in "io_req_track_inflight" in "fs/io_uring.c." besteht. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuführen.

EPSS 0.16% · 36.7th percentile

Risk Scores

EPSS Score

0.16%

36.7th percentile

Affected Products

Vendor	Product	Versions
SUSE	SUSE Linux

Exploit Intelligence

CVE-2022-32250.yara (github-yara)
CVE-2022-32250.yara (github-yara)
CVE-2022-32250.yara (github-yara)
CVE-2022-32250.yara (github-yara)
CVE-2022-32250.yara (github-yara)

Timeline

Sep 14, 2022 CVE Published
Sep 15, 2022 EPSS Score
Oct 30, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Jan 28, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 14, 2023 EPSS Score
Apr 28, 2023 EPSS Score
Jun 12, 2023 EPSS Score
Jul 27, 2023 EPSS Score
Sep 9, 2023 EPSS Score
Oct 24, 2023 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1655.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1655 advisory
https://lists.suse.com/pipermail/sle-security-updates/2022-December/013342.html advisory
https://lists.suse.com/pipermail/sle-security-updates/2022-November/012989.html advisory
https://lists.suse.com/pipermail/sle-security-updates/2022-November/012930.html advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2133407 advisory

Open in Interactive Console →