← Back

CVE-2022-30594

nvd nist
Published: May 12, 2022Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

Affected (19)

Linux
1 product
Linux Kernel
Debian
1 product
Debian Linux
Netapp
11 products
Hci Compute Node
Solidfire, Enterprise Sds & Hci Storage Node
Solidfire & Hci Management Node
8300 Firmware
8700 Firmware
A400 Firmware
H300s Firmware
H500s Firmware
H700s Firmware
H410s Firmware
H410c Firmware
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
Before 4.19.238
Linux Kernel
From 4.20 to 5.4.189
Linux Kernel
From 5.11 to 5.15.33
Linux Kernel
From 5.16.0 to 5.16.19
Linux Kernel
From 5.17 to 5.17.2
Linux Kernel
From 5.5.0 to 5.10.110
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 10.0
Debian Linux
Version 9.0
Configuration C
3 vulnerable
Vulnerable SoftwareAffected Versions
Hci Compute Node
All versions
Solidfire, Enterprise Sds & Hci Storage Node
All versions
Solidfire & Hci Management Node
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
8300 Firmware
All versions
Running on/withPlatform Versions
Netapp
8300
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
8700 Firmware
All versions
Running on/withPlatform Versions
Netapp
8700
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
A400 Firmware
All versions
Running on/withPlatform Versions
Netapp
A400
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H300s Firmware
All versions
Running on/withPlatform Versions
Netapp
H300s
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H500s Firmware
All versions
Running on/withPlatform Versions
Netapp
H500s
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H700s Firmware
All versions
Running on/withPlatform Versions
Netapp
H700s
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H410s Firmware
All versions
Running on/withPlatform Versions
Netapp
H410s
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H410c Firmware
All versions
Running on/withPlatform Versions
Netapp
H410c
All versions

Related CWEs

CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (18)

Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
ExploitMailing ListPatchThird Party Advisory
Source: cve@mitre.org
Mailing ListPatchVendor Advisory
Source: cve@mitre.org
Mailing ListPatchVendor Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMailing ListPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.