Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMC32B36CBBDCA69B4F743CF07D5A46C35A4644AB1CADA3339DF160495B84F3E3D
HistorySep 28, 2024 - 3:08 p.m.

Security Bulletin: Vulnerability in linux affects IBM Integrated Analytics System [CVE-2022-1679]

2024-09-2815:08:17
www.ibm.com
1
ibm integrated analytics system
linux kernel
vulnerability
cve-2022-1679
elevated privileges
use-after-free
ath9k_htc_wait_for_target
atheros wireless adapter
denial of service
cvss
fix central

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

JSON

Summary

Redhat provided linux is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE [CVE-2022-1679]

Vulnerability Details

CVEID:CVE-2022-1679
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the ath9k_htc_wait_for_target function of the Atheros wireless adapter driver. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges, or cause a denial of service.
CVSS Base score: 7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/226853 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Integrated Analytics System 1.0.0-1.0.28.2

Remediation/Fixes

Affected Product(s) VRMF Remediation/Fixes
IBM Integrated Analytics System 1.0.30.0 Link to Fix Central

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmsmart_analytics_system_7710Matchany
VendorProductVersionCPE
ibmsmart_analytics_system_7710anycpe:2.3:a:ibm:smart_analytics_system_7710:any:*:*:*:*:*:*:*

Related

githubexploit 2
osv 19
nvd 1
redhatcve 1
cvelist 1
ubuntucve 1
veracode 1
cve 1
debiancve 1
prion 1
openvas 41
nessus 82
ubuntu 12
mageia 2
oraclelinux 4
amazon 5
suse 7
debian 2
almalinux 4
photon 2
redos 1
redhat 7
slackware 1
githubexploit
githubexploit
Exploit for Use After Free in Linux Linux Kernel
2022-10-25 13:15:20
Exploit for Use After Free in Linux Linux Kernel
2023-09-12 17:47:01
osv
osv
kernel-devel-5.18.6-1.1 on GA media
2024-06-15 00:00:00
linux-oem-5.14 vulnerabilities
2022-07-13 23:52:43
linux, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities
2022-08-02 04:11:31
nvd
nvd
CVE-2022-1679
2022-05-16 18:15:08
redhatcve
redhatcve
CVE-2022-1679
2022-05-12 05:36:06
cvelist
cvelist
CVE-2022-1679
2022-05-16 00:00:00
ubuntucve
ubuntucve
CVE-2022-1679
2022-05-16 00:00:00
veracode
veracode
Use After Free
2022-09-16 19:50:27
cve
cve
CVE-2022-1679
2022-05-16 18:15:08
debiancve
debiancve
CVE-2022-1679
2022-05-16 18:15:08
prion
prion
Design/Logic Flaw
2022-05-16 18:15:00
openvas
openvas
Ubuntu: Security Advisory (USN-5517-1)
2022-07-15 00:00:00
Ubuntu: Security Advisory (USN-5544-1)
2022-08-03 00:00:00
Mageia: Security Advisory (MGASA-2022-0305)
2022-08-26 00:00:00
nessus
nessus
SUSE SLES15 Security Update : kernel (Live Patch 26 for SLE 15 SP2) (SUSE-SU-2022:2779-1)
2022-08-13 00:00:00
SUSE SLES15 Security Update : kernel (Live Patch 27 for SLE 15 SP2) (SUSE-SU-2022:2781-1)
2022-08-13 00:00:00
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 30 for SLE 15) (SUSE-SU-2022:2762-1)
2022-08-11 00:00:00
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2022-07-13 00:00:00
Linux kernel vulnerabilities
2022-08-02 00:00:00
Linux kernel vulnerabilities
2022-07-01 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2022-08-26 00:21:07
Updated kernel-linus packages fix security vulnerabilities
2022-08-26 00:21:07
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2023-07-04 00:00:00
Unbreakable Enterprise kernel security update
2023-07-04 00:00:00
kernel security, bug fix, and enhancement update
2022-11-22 00:00:00
amazon
amazon
Important: kernel
2022-09-01 21:09:00
Important: kernel
2022-09-01 21:09:00
Important: kernel
2022-09-30 07:04:00
suse
suse
Security update for the Linux Kernel (important)
2022-07-13 00:00:00
Security update for the Linux Kernel (important)
2022-09-01 00:00:00
Security update for the Linux Kernel (important)
2022-09-01 00:00:00
debian
debian
[SECURITY] [DLA 3131-1] linux security update
2022-10-02 16:44:48
[SECURITY] [DLA 3173-1] linux-5.10 security update
2022-11-01 20:57:30
almalinux
almalinux
Moderate: kernel-rt security and bug fix update
2022-11-15 00:00:00
Moderate: kernel security, bug fix, and enhancement update
2022-11-15 00:00:00
Important: kernel-rt security and bug fix update
2023-05-16 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-4.0-0248
2022-09-20 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0446
2022-09-07 00:00:00
redos
redos
ROS-20221220-01
2022-12-20 00:00:00
redhat
redhat
(RHSA-2023:2951) Important: kernel security, bug fix, and enhancement update
2023-05-16 05:59:02
(RHSA-2022:8267) Moderate: kernel security, bug fix, and enhancement update
2022-11-15 06:19:55
(RHSA-2023:2736) Important: kernel-rt security and bug fix update
2023-05-16 05:53:24
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2022-08-26 04:17:47

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

JSON
Related for C32B36CBBDCA69B4F743CF07D5A46C35A4644AB1CADA3339DF160495B84F3E3D
githubexploit2osv19nvd1redhatcve1cvelist1ubuntucve1veracode1cve1debiancve1prion1openvas41nessus82ubuntu12mageia2oraclelinux4amazon5suse7debian2almalinux4photon2redos1redhat7slackware1