A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on the system.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2022-2961 | Issue Tracking Third Party Advisory |
https://security.netapp.com/advisory/ntap-20230214-0004/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
28 Jun 2023, 20:34
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp h300s Firmware
Netapp h410c Netapp h410s Firmware Netapp Netapp h410s Netapp h300s Netapp h500s Netapp h700s Netapp h700s Firmware Netapp h500s Firmware Netapp h410c Firmware |
|
CPE | cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* |
|
CWE | CWE-362 | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20230214-0004/ - Third Party Advisory |
Information
Published : 2022-08-29 15:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-2961
Mitre link : CVE-2022-2961
CVE.ORG link : CVE-2022-2961
JSON object : View
Products Affected
netapp
- h410c_firmware
- h300s_firmware
- h500s_firmware
- h410s_firmware
- h500s
- h700s_firmware
- h700s
- h410s
- h410c
- h300s
linux
- linux_kernel
fedoraproject
- fedora