CVE-2022-1679

Updated: 2024-11-24 04:56:31.222031

Description:

A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x HIGH 7.2
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Already Fixed 2024-02-28 08:40:34
AlmaLinux 9.2 FIPS kernel 5.14.0 7.8 HIGH Already Fixed 2024-02-28 08:40:34
CentOS 6 ELS kernel 2.6.32 7.8 HIGH Released CLSA-2024:1733158910 2024-12-12 11:58:24
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2024:1720468480 2024-07-23 17:25:04
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2023:1683229770 2023-05-04 17:08:36
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2023:1683146027 2023-05-04 17:08:35
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Already Fixed 2024-10-12 10:41:27
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Ignored 2024-10-09 03:41:16
CloudLinux 7 ELS kernel 3.10.0 7.8 HIGH In Testing 2024-10-24 00:58:10
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Released CLSA-2024:1733142398 2024-12-02 09:58:47
Total: 13