#VU71663 Security features bypass in kernel (Red Hat package) - CVE-2022-1665

Cybersecurity Help s.r.o.

Published: 2023-01-30

Vulnerability identifier: #VU71663

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-1665

CWE-ID: CWE-254

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
kernel (Red Hat package)
Operating systems & Components / Operating system package or component

Vendor: Red Hat Inc.

Description

The vulnerability allows an attacker to compromise the affected system.

The vulnerability exists due to missing secure boot lockdown patches applied to kernel. An attacker with physical access to device can bypass the secure boot validation and load non-trusted code on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

kernel (Red Hat package): before 5.14.0-70.43.1.el9_0

External links
https://bugzilla.redhat.com/show_bug.cgi?id=2089529

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Red Hat Enterprise Linux 9.0 Extended Update Support update for kernel