#VU61217 Permissions, Privileges, and Access Controls in Linux kernel


Published: 2023-01-31

Vulnerability identifier: #VU61217

Vulnerability risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-22942

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: Yes

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an error in the vmwgfx driver in Linux kernel. A local unprivileged user can gain access to files opened by other processes on the system through a dangling 'file' pointer.

Exploiting this vulnerability requires an attacker to have access to either /dev/dri/card0 or /dev/dri/rendererD128 and be able to issue an ioctl() on the resulting file descriptor.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel: All versions

CPE

External links
http://www.openwall.com/lists/oss-security/2022/01/27/4
http://www.openwall.com/lists/oss-security/2022/02/03/1
http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a0f90c8815706981c483a652a6aefca51a5e191c

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM QRadar Network Security
Multiple vulnerabilities in Junos Space
SUSE update for the Linux Kernel
SUSE update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)
SUSE update for the Linux Kernel (Live Patch 4 for SLE 15 SP3)
SUSE update for the Linux Kernel (Live Patch 26 for SLE 12 SP5)
SUSE update for the Linux Kernel (Live Patch 12 for SLE 15 SP3)
SUSE update for the Linux Kernel (Live Patch 26 for SLE 15 SP1)
SUSE update for the Linux Kernel (Live Patch 18 for SLE 15 SP2)
SUSE update for the Linux Kernel (Live Patch 24 for SLE 15 SP1)