CVE-2022-1055

Updated: 2024-11-23 05:36:59.303011

Description:

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 4.6000000000000005
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Already Fixed 2024-01-18 13:10:09
CentOS 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2024-10-14 10:46:44
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2024:1728935304 2024-10-25 01:02:54
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2023:1686585068 2023-06-13 09:13:20
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2023:1686651204 2023-06-13 09:13:21
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Already Fixed 2024-10-09 14:25:20
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2024-10-14 10:46:44
CloudLinux 7 ELS kernel 3.10.0 7.8 HIGH Ignored 2025-01-10 22:43:24
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2024-10-14 10:46:44
RHEL 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2025:1750353839 2025-06-20 04:45:07
Total: 13