Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2064855 | Issue Tracking Third Party Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next | Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html | Mailing List Third Party Advisory |
https://www.debian.org/security/2022/dsa-5173 | Third Party Advisory |
https://www.oracle.com/security-alerts/cpujul2022.html | Third Party Advisory |
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
|
Configuration 15 (hide)
|
12 Oct 2022, 13:27
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:netapp:hci_baseboard_management_controller:h500e:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h300e:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700e:*:*:*:*:*:*:* |
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:build_of_quarkus:2.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
First Time |
Redhat enterprise Linux For Real Time For Nfv Tus
Redhat enterprise Linux For Ibm Z Systems Redhat developer Tools Netapp h500s Redhat Netapp h500e Firmware Redhat codeready Linux Builder Netapp h410s Firmware Redhat enterprise Linux Server Tus Redhat enterprise Linux Redhat enterprise Linux For Ibm Z Systems Eus Netapp h700s Oracle communications Cloud Native Core Binding Support Function Netapp h700e Redhat enterprise Linux For Power Little Endian Eus Netapp h410c Firmware Debian debian Linux Redhat enterprise Linux For Real Time Redhat virtualization Host Redhat enterprise Linux Server Update Services For Sap Solutions Redhat enterprise Linux For Real Time Tus Netapp h500s Firmware Netapp h500e Netapp h700e Firmware Redhat enterprise Linux Eus Redhat enterprise Linux For Real Time For Nfv Redhat enterprise Linux Server Aus Debian Netapp h300e Redhat build Of Quarkus Netapp h300e Firmware Netapp h300s Netapp h410c Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Netapp h300s Firmware Netapp h700s Firmware Oracle Netapp h410s Redhat enterprise Linux For Power Little Endian |
|
References | (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2064855 - Issue Tracking, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory |
25 Jul 2022, 18:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Jul 2022, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Jul 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Apr 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. |
27 Apr 2022, 19:25
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h300e:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700e:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h500e:*:*:*:*:*:*:* |
|
References | (MISC) http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html - Third Party Advisory, VDB Entry | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220425-0002/ - Third Party Advisory | |
First Time |
Netapp
Netapp hci Baseboard Management Controller |
25 Apr 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Apr 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
24 Mar 2022, 14:34
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next - Vendor Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BG4J46EMFPDD5QHYXDUI3PJCZQ7HQAZR/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/ - Mailing List, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
CWE | CWE-416 | |
First Time |
Linux linux Kernel
Fedoraproject fedora Linux Fedoraproject |
|
CPE | cpe:2.3:o:linux:linux_kernel:5.17:rc7:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
18 Mar 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Mar 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Mar 2022, 19:12
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Published : 2022-03-18 18:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-1011
Mitre link : CVE-2022-1011
CVE.ORG link : CVE-2022-1011
JSON object : View
netapp
- h700s_firmware
- h700e
- h700e_firmware
- h700s
- h300s_firmware
- h300s
- h300e
- h500e_firmware
- h410c_firmware
- h500s
- h410c
- h410s
- h410s_firmware
- h500s_firmware
- h300e_firmware
- h500e
debian
- debian_linux
redhat
- enterprise_linux_server_aus
- enterprise_linux_server_tus
- enterprise_linux_eus
- enterprise_linux_for_real_time_for_nfv
- enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
- enterprise_linux_for_ibm_z_systems
- enterprise_linux_for_power_little_endian_eus
- codeready_linux_builder
- enterprise_linux_for_ibm_z_systems_eus
- build_of_quarkus
- enterprise_linux_for_real_time_for_nfv_tus
- virtualization_host
- enterprise_linux_for_power_little_endian
- developer_tools
- enterprise_linux_for_real_time_tus
- enterprise_linux
- enterprise_linux_for_real_time
- enterprise_linux_server_update_services_for_sap_solutions
linux
- linux_kernel
fedoraproject
- fedora
oracle
- communications_cloud_native_core_binding_support_function
Use After Free