HIGH✓ PATCH🇬🇧 English

CVE-2022-1729

CVSS 7.0v3.1pub. 2022-09-01upd. 2024-11-21

A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Linux Kernel

    OS
    Linux
    3.2.85 – 3.3 (bez)3.16.40 – 3.17 (bez)3.18.54 – 3.19 (bez)4.0.0 – 4.9.316 (bez)4.10 – 4.14.281 (bez)4.15 – 4.19.245 (bez)4.20 – 5.4.196 (bez)5.5.0 – 5.10.118 (bez)5.11 – 5.15.42 (bez)5.16 – 5.17.10 (bez)
  • Netapp Hci Baseboard Management Controller

    APP
    Netapp
    h300sh410sh500sh700s
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Race Condition
CWE
Referencje

Powiązane podatności

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP

CVE-2022-47986CRITICAL9.8⚠ KEVten sam produkt

IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...

CVE-2022-22954CRITICAL9.8⚠ KEVten sam produkt

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...

CVE-2020-4006CRITICAL9.1⚠ KEVten sam produkt

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a...