CVE-2022-4378

Updated: 2024-11-24 04:32:30.287365

Description:

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS kernel 2.6.32 7.8 HIGH Released CLSA-2023:1682705952 2023-05-04 17:05:31
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Not Vulnerable 2023-11-03 14:07:32
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2023:1690287378 2023-07-25 09:11:24
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2023:1690294029 2023-07-25 11:07:15
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Ignored 2025-01-10 22:44:19
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Released CLSA-2023:1682711913 2023-04-28 17:05:19
Ubuntu 16.04 ELS linux-hwe 4.15.0 7.8 HIGH Released CLSA-2023:1677764911 2023-03-02 10:04:08
Ubuntu 16.04 ELS linux 4.4.0 7.8 HIGH Not Vulnerable 2023-04-21 03:19:05
Ubuntu 18.04 ELS linux 4.15.0 7.8 HIGH Not Vulnerable 2023-08-28 21:17:06