Ubuntu.comUB:CVE-2022-36123

HistoryJul 29, 2022 - 12:00 a.m.

CVE-2022-36123

2022-07-2900:00:00

ubuntu.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

30.4%

JSON

The Linux kernel before 5.18.13 lacks a certain clear operation for the
block starting symbol (.bss). This allows Xen PV guest OS users to cause a
denial of service or gain privileges.

Bugs

<https://bugzilla.suse.com/show_bug.cgi?id=CVE-2022-36123>

OSVersionArchitecturePackageVersionFilename
ubuntu24.04noarchlinux-gke< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	24.04	noarch	linux-gke	< any	UNKNOWN

References

cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13

github.com/sickcodes/security/blob/master/advisories/SICK-2022-128.md

github.com/torvalds/linux/commit/74a0032b8524ee2bd4443128c0bf9775928680b0

github.com/torvalds/linux/commit/96e8fc5818686d4a1591bb6907e7fdb64ef29884

launchpad.net/bugs/cve/CVE-2022-36123

nvd.nist.gov/vuln/detail/CVE-2022-36123

security-tracker.debian.org/tracker/CVE-2022-36123

sick.codes/sick-2022-128

www.cve.org/CVERecord?id=CVE-2022-36123

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

30.4%

JSON

Related for UB:CVE-2022-36123