CVE-2022-3424

Published: Mar 6, 2023Modified: Mar 6, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Affected (9)

Products: Linux: Linux Kernel · Redhat: Enterprise Linux

1 product

1 product

Enterprise Linux

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 2.6.33 to 4.9.337
Linux Linux Kernel	From 4.10 to 4.14.303
Linux Linux Kernel	From 4.15 to 4.19.270
Linux Linux Kernel	From 4.20 to 5.4.229
Linux Linux Kernel	From 5.11 to 5.15.86
Linux Linux Kernel	From 5.16 to 6.0.16
Linux Linux Kernel	From 5.5 to 5.10.163
Linux Linux Kernel	From 6.1 to 6.1.2

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 9.0

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (14)

https://bugzilla.redhat.com/show_bug.cgi?id=2132640

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc

Source: secalert@redhat.com

Patch

https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/

Source: secalert@redhat.com

https://security.netapp.com/advisory/ntap-20230406-0005/

Source: secalert@redhat.com

Third Party Advisory

https://www.spinics.net/lists/kernel/msg4518970.html

Source: secalert@redhat.com

Mailing ListPatch

https://bugzilla.redhat.com/show_bug.cgi?id=2132640

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.netapp.com/advisory/ntap-20230406-0005/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.spinics.net/lists/kernel/msg4518970.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

Timeline

No history available yet.