CVE-2022-2602

2024-01-0817:56:16

CWE-416

canonical

www.cve.org

uaf

io_uring

unix

scm

garbage collection

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

8 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

15.9%

JSON

io_uring UAF, Unix SCM garbage collection

CNA Affected

[
  {
    "packageName": "linux",
    "product": "linux",
    "vendor": "The Linux Kernel Organization",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git",
    "platforms": [
      "Linux"
    ],
    "versions": [
      {
        "lessThan": "6.1~rc1",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]