admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-10xx/CVE-2022-1048.json
cad-safe-bot 937cc80b2d Auto-Update: 2023-08-04T18:00:34.940204+00:00
2023-08-04 18:00:38 +00:00

445 lines
13 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-1048",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-04-29T16:15:08.470",
"lastModified": "2023-08-04T17:23:13.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in the Linux kernel\u2019s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo de uso de memoria previamente liberada en el subsistema de sonido del kernel de Linux en la forma en que un usuario desencadena las llamadas concurrentes de PCM hw_params. La ioctls hw_free o una condici\u00f3n de carrera similar ocurre dentro de ALSA PCM para otras ioctls. Este defecto permite a un usuario local bloquear o potencialmente escalar sus privilegios en el sistema"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"accessVector": "LOCAL",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.12",
"versionEndExcluding": "4.14.279",
"matchCriteriaId": "5E4D3CC3-B793-47B0-A9CC-76849B61DA2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.243",
"matchCriteriaId": "8577DA08-190B-481F-B919-ED3DAEA3E339"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.193",
"matchCriteriaId": "EA77E853-1F30-4942-8B6A-37B168460310"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.109",
"matchCriteriaId": "F3E1A428-8D87-4CD4-B9CA-C621B32933F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.32",
"matchCriteriaId": "3191B916-53BD-46E6-AE21-58197D35768E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.18",
"matchCriteriaId": "C86410A0-E312-4F41-93E9-929EAFB31757"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"matchCriteriaId": "A59F7FD3-F505-48BD-8875-F07A33F42F6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1746E116-3B82-4F65-B540-63D4058BD471"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04FD1F9A-8F43-4509-9A49-714C54C4783C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFC49B0-FC63-4F06-A9DC-B853186003A9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504201E4-04CD-4224-9264-C1AEAD480E36"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFAB819-0951-4D57-9B86-3CF590E50E7A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDA0D1D-3A1E-4CF5-BD6A-F05AE4E8CDDA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88A6EDE4-DD97-45A9-8366-E999525AA68F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2934495-6D4D-4C21-89E3-A2414ABDD5CE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "806D1842-64F5-4F4C-B728-AFD0B99CE6EB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "266DDF39-2707-401F-88AF-3761D1045202"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ED4148B-73E9-48DA-BB54-F5A43B21FD56"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B09AB46C-8B35-4085-AD86-56EC06F665CB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46BB915A-F2AE-4041-89F1-03547F819DFF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DCDCD-58EC-495A-BD5E-BB612F5B8A39"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8665C148-3C9E-4EC9-A281-293D2352B8B9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A0CE664-32E5-4917-8319-7D2A31DCD72F"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066706",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai@suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20220629-0001/",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2022/dsa-5127",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2022/dsa-5173",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink