CVE-2022-4139

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-4139
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2147572 Issue Tracking Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20230309-0004/ Third Party Advisory
https://www.openwall.com/lists/oss-security/2022/11/30/1 Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2147572 Issue Tracking Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20230309-0004/ Third Party Advisory
https://www.openwall.com/lists/oss-security/2022/11/30/1 Mailing List Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*
History

21 Nov 2024, 07:34

Type Values Removed Values Added
Summary
  • (es) Se encontró un problema de descarga TLB incorrecto en el controlador del kernel GPU i915 del kernel de Linux, lo que podría provocar daños aleatorios en la memoria o fugas de datos. Esta falla podría permitir que un usuario local bloquee el sistema o aumente sus privilegios en el sistema.
References () https://bugzilla.redhat.com/show_bug.cgi?id=2147572 - Issue Tracking, Patch, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=2147572 - Issue Tracking, Patch, Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20230309-0004/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20230309-0004/ - Third Party Advisory
References () https://www.openwall.com/lists/oss-security/2022/11/30/1 - Mailing List, Third Party Advisory () https://www.openwall.com/lists/oss-security/2022/11/30/1 - Mailing List, Third Party Advisory
Information

Published : 2023-01-27 18:15

Updated : 2024-11-21 07:34

NVD link : CVE-2022-4139

Mitre link : CVE-2022-4139

CVE.ORG link : CVE-2022-4139

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-281

Improper Preservation of Permissions

CWE-401

Missing Release of Memory after Effective Lifetime


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024