Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2022-1729
HistoryMay 20, 2022 - 12:00 a.m.

CVE-2022-1729

2022-05-2000:00:00
ubuntu.com
ubuntu.com
51
linux kernel
race condition
perf_event_open
unprivileged user
root privileges
ubuntu kernels
security_perf_events_restrict
kernel.perf_event_paranoid

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

15.7%

JSON

A race condition was found the Linux kernel in perf_event_open() which can
be exploited by an unprivileged user to gain root privileges. The bug
allows to build several exploit primitives such as kernel address
information leak, arbitrary execution, etc.

Notes

Author Note
alexmurray Ubuntu kernels enable SECURITY_PERF_EVENTS_RESTRICT which sets kernel.perf_event_paranoid >= 3 and so disables unprivileged users from using perf by default. As such in their default configuration, Ubuntu kernels are not able to be exploited by this flaw to achieve local privilege escalation.
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-191.202UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-126.142UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-47.51UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-234.268UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1139.150UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1085.92UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1019.23UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1113.119UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1151.166UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1019.23~20.04.1UNKNOWN
Rows per page:
1-10 of 651

References

Related

openvas 36
redhat 18
oraclelinux 7
almalinux 4
nessus 65
cve 1
osv 22
rocky 2
fedora 9
prion 1
redhatcve 1
f5 1
cvelist 1
nvd 1
debiancve 1
veracode 1
cnvd 1
mageia 2
altlinux 1
photon 2
centos 1
ubuntu 13
amazon 3
ibm 2
ics 1
debian 1
suse 1
openvas
openvas
Fedora: Security Advisory for kernel (FEDORA-2022-014c3a24d9)
2022-05-29 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2022-8095b23575)
2022-05-29 00:00:00
Fedora: Security Advisory for kernel-headers (FEDORA-2022-8095b23575)
2022-05-29 00:00:00
redhat
redhat
(RHSA-2022:6432) Important: kernel security and bug fix update
2022-09-13 07:16:29
(RHSA-2022:5565) Important: kernel-rt security and bug fix update
2022-07-13 06:31:32
(RHSA-2022:5564) Important: kernel security, bug fix, and enhancement update
2022-07-13 06:31:31
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2022-05-21 00:00:00
Unbreakable Enterprise kernel security update
2022-05-20 00:00:00
Unbreakable Enterprise kernel-container security update
2022-05-20 00:00:00
almalinux
almalinux
Important: kernel-rt security and bug fix update
2022-07-13 00:00:00
Important: kernel security, bug fix, and enhancement update
2022-07-13 00:00:00
Important: kernel security and bug fix update
2022-07-01 00:00:00
nessus
nessus
RHEL 7 : kernel (RHSA-2022:6432)
2022-09-13 00:00:00
Scientific Linux Security Update : kernel on SL7.x x86_64 (2022:5232)
2022-06-29 00:00:00
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9413)
2022-05-20 00:00:00
cve
cve
CVE-2022-1729
2022-09-01 21:15:09
osv
osv
Important: kernel security, bug fix, and enhancement update
2022-07-13 00:00:00
Important: kernel-rt security and bug fix update
2022-07-13 00:00:00
Important: kernel security, bug fix, and enhancement update
2022-07-13 06:31:31
rocky
rocky
kernel security, bug fix, and enhancement update
2022-07-13 06:31:31
kernel-rt security and bug fix update
2022-07-13 06:31:32
fedora
fedora
[SECURITY] Fedora 35 Update: kernel-headers-5.17.11-200.fc35
2022-05-28 01:22:58
[SECURITY] Fedora 35 Update: kernel-5.17.11-200.fc35
2022-05-28 01:22:58
[SECURITY] Fedora 36 Update: kernel-tools-5.17.11-300.fc36
2022-05-28 01:16:41
prion
prion
Race condition
2022-09-01 21:15:00
redhatcve
redhatcve
CVE-2022-1729
2022-05-23 11:19:47
f5
f5
K000132933 : Linux kernel vulnerability CVE-2022-1729
2023-03-13 00:00:00
cvelist
cvelist
CVE-2022-1729
2022-09-01 00:00:00
nvd
nvd
CVE-2022-1729
2022-09-01 21:15:09
debiancve
debiancve
CVE-2022-1729
2022-09-01 21:15:09
veracode
veracode
Denial Of Service
2022-07-05 00:43:35
cnvd
cnvd
Linux kernel competition condition issue vulnerability (CNVD-2022-74091)
2022-09-09 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2022-05-28 11:56:13
Updated kernel packages fix security vulnerabilities
2022-05-28 11:56:13
altlinux
altlinux
Security fix for the ALT Linux 10 package kernel-image-std-def version 2:5.10.118-alt1
2022-05-30 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0488
2022-06-21 00:00:00
Important Photon OS Security Update - PHSA-2022-0201
2022-06-21 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2022-08-02 19:42:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-09-21 00:00:00
Linux kernel (Azure CVM) vulnerabilities
2022-09-26 00:00:00
Linux kernel (GCP) vulnerabilities
2022-09-28 00:00:00
amazon
amazon
Important: kernel
2022-05-31 23:50:00
Important: kernel
2022-05-31 23:50:00
Important: kernel
2022-05-31 23:47:00
ibm
ibm
Security Bulletin: Vulnerabilities in Linux Kernel and OpenSSL may affect IBM Spectrum Copy Data Management
2022-09-17 01:21:23
Security Bulletin: Vulnerabilities in Linux Kernel, Golang Go, and cURL libcurl may affect IBM Spectrum Protect Plus
2022-12-13 19:27:41
ics
ics
Siemens SCALANCE XCM332
2023-04-13 12:00:00
debian
debian
[SECURITY] [DSA 5161-1] linux security update
2022-06-11 09:15:06
suse
suse
Security update for the Linux Kernel (important)
2022-06-14 00:00:00

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

15.7%

JSON
Related for UB:CVE-2022-1729
openvas36redhat18oraclelinux7almalinux4nessus65cve1osv22rocky2fedora9prion1redhatcve1f51cvelist1nvd1debiancve1veracode1cnvd1mageia2altlinux1photon2centos1ubuntu13amazon3ibm2ics1debian1suse1