CVE-2022-1011

Updated: 2024-11-24 04:42:14.355475

Description:

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 4.6
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Already Fixed 2024-01-18 13:11:01
AlmaLinux 9.2 FIPS kernel 5.14.0 7.8 HIGH Already Fixed 2024-01-18 13:10:02
CentOS 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2022-04-29 12:40:50
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2024:1720468480 2024-07-23 17:33:14
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2022:1655822512 2022-06-21 11:48:12
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2022:1655821334 2022-06-21 11:48:12
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Already Fixed 2024-06-09 11:20:31
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2022-11-30 10:07:11
CloudLinux 7 ELS kernel 3.10.0 7.8 HIGH In Testing 2024-10-22 10:57:24
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2022-11-30 10:07:11
Total: 14