CVE-2022-1011

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

CVSS v3 7.8 HIGH
CVSS v2.0 4.6 MEDIUM

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2064855	Issue Tracking Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next	Vendor Advisory
https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html	Mailing List Third Party Advisory
https://www.debian.org/security/2022/dsa-5173	Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.17:-::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc2::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc3::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc4::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc7::::::

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:34:::::::*
	cpe:2.3:o:fedoraproject:fedora:35:::::::*

Configuration 3 (hide)

OR	cpe:2.3:a:redhat:build_of_quarkus:2.0:::::::*
	cpe:2.3:a:redhat:developer_tools:1.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.6:::::::*

Configuration 4 (hide)

AND

cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:::::::*

Configuration 6 (hide)

AND

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 14 (hide)

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 15 (hide)

cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*

History

12 Oct 2022, 13:27

Type	Values Removed	Values Added
CPE	cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h500e:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h300e:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700e:::::::*	cpe:2.3:o:netapp:h410s_firmware:-:::::::* cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:::::::* cpe:2.3:o:netapp:h500s_firmware:-:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::* cpe:2.3:h:netapp:h500e:-:::::::* cpe:2.3:a:redhat:codeready_linux_builder:-:::::::* cpe:2.3:o:netapp:h300e_firmware:-:::::::* cpe:2.3:h:netapp:h300e:-:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:::::::* cpe:2.3:h:netapp:h410s:-:::::::* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:::::::* cpe:2.3:o:netapp:h300s_firmware:-:::::::* cpe:2.3:h:netapp:h410c:-:::::::* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:::::::* cpe:2.3:h:netapp:h700s:-:::::::* cpe:2.3:o:redhat:enterprise_linux:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:::::::* cpe:2.3:o:debian:debian_linux:10.0:::::::* cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:::::::* cpe:2.3:o:netapp:h500e_firmware:-:::::::* cpe:2.3:a:redhat:build_of_quarkus:2.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::* cpe:2.3:h:netapp:h500s:-:::::::* cpe:2.3:o:netapp:h700e_firmware:-:::::::* cpe:2.3:h:netapp:h700e:-:::::::* cpe:2.3:o:debian:debian_linux:9.0:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.6:::::::* cpe:2.3:o:redhat:enterprise_linux:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::* cpe:2.3:a:redhat:developer_tools:1.0:::::::* cpe:2.3:a:redhat:virtualization_host:4.0:::::::* cpe:2.3:h:netapp:h300s:-:::::::* cpe:2.3:o:netapp:h700s_firmware:-:::::::* cpe:2.3:o:netapp:h410c_firmware:-:::::::* cpe:2.3:o:redhat:enterprise_linux:8.6:::::::* cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
First Time		Redhat enterprise Linux For Real Time For Nfv Tus Redhat enterprise Linux For Ibm Z Systems Redhat developer Tools Netapp h500s Redhat Netapp h500e Firmware Redhat codeready Linux Builder Netapp h410s Firmware Redhat enterprise Linux Server Tus Redhat enterprise Linux Redhat enterprise Linux For Ibm Z Systems Eus Netapp h700s Oracle communications Cloud Native Core Binding Support Function Netapp h700e Redhat enterprise Linux For Power Little Endian Eus Netapp h410c Firmware Debian debian Linux Redhat enterprise Linux For Real Time Redhat virtualization Host Redhat enterprise Linux Server Update Services For Sap Solutions Redhat enterprise Linux For Real Time Tus Netapp h500s Firmware Netapp h500e Netapp h700e Firmware Redhat enterprise Linux Eus Redhat enterprise Linux For Real Time For Nfv Redhat enterprise Linux Server Aus Debian Netapp h300e Redhat build Of Quarkus Netapp h300e Firmware Netapp h300s Netapp h410c Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Netapp h300s Firmware Netapp h700s Firmware Oracle Netapp h410s Redhat enterprise Linux For Power Little Endian
References	~~(N/A) https://www.oracle.com/security-alerts/cpujul2022.html -~~	(N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory
References	~~(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2064855 -~~	(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2064855 - Issue Tracking, Third Party Advisory
References	~~(DEBIAN) https://www.debian.org/security/2022/dsa-5173 -~~	(DEBIAN) https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory
References	~~(MLIST) https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html -~~	(MLIST) https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory

25 Jul 2022, 18:19

Type	Values Removed	Values Added
References		(N/A) https://www.oracle.com/security-alerts/cpujul2022.html -

04 Jul 2022, 11:15

Type	Values Removed	Values Added
References		(DEBIAN) https://www.debian.org/security/2022/dsa-5173 -

01 Jul 2022, 14:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html -

29 Apr 2022, 16:15

Type	Values Removed	Values Added
References	{'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BG4J46EMFPDD5QHYXDUI3PJCZQ7HQAZR/', 'name': 'FEDORA-2022-9342e59a98', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html', 'name': 'http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html', 'tags': ['Third Party Advisory', 'VDB Entry'], 'refsource': 'MISC'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/', 'name': 'FEDORA-2022-de4474b89d', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} ~~{'url': 'https://security.netapp.com/advisory/ntap-20220425-0002/', 'name': 'https://security.netapp.com/advisory/ntap-20220425-0002/', 'tags': ['Third Party Advisory'], 'refsource': 'CONFIRM'}~~	(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2064855 -
Summary	A flaw use after free in the Linux kernel FUSE filesystem was found in the way user triggers write(). A local user could use this flaw to get some unauthorized access to some data from the FUSE filesystem and as result potentially privilege escalation too.	A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

27 Apr 2022, 19:25

Type	Values Removed	Values Added
CPE		cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h300e:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700e:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:h500e:::::::*
References	~~(MISC) http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html -~~	(MISC) http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html - Third Party Advisory, VDB Entry
References	~~(CONFIRM) https://security.netapp.com/advisory/ntap-20220425-0002/ -~~	(CONFIRM) https://security.netapp.com/advisory/ntap-20220425-0002/ - Third Party Advisory
First Time		Netapp Netapp hci Baseboard Management Controller

25 Apr 2022, 21:15

Type	Values Removed	Values Added
References		(CONFIRM) https://security.netapp.com/advisory/ntap-20220425-0002/ -

19 Apr 2022, 17:15

Type	Values Removed	Values Added
References		(MISC) http://packetstormsecurity.com/files/166772/Linux-FUSE-Use-After-Free.html -

24 Mar 2022, 14:34

Type	Values Removed	Values Added
References	~~(MISC) https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next -~~	(MISC) https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next - Vendor Advisory
References	~~(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BG4J46EMFPDD5QHYXDUI3PJCZQ7HQAZR/ -~~	(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BG4J46EMFPDD5QHYXDUI3PJCZQ7HQAZR/ - Mailing List, Third Party Advisory
References	~~(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/ -~~	(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/ - Mailing List, Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.6 v3 : 7.8
CWE		CWE-416
First Time		Linux linux Kernel Fedoraproject fedora Linux Fedoraproject
CPE		cpe:2.3:o:linux:linux_kernel:5.17:rc7:::::: cpe:2.3:o:linux:linux_kernel:5.17:rc4:::::: cpe:2.3:o:linux:linux_kernel:5.17:-:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.17:rc3:::::: cpe:2.3:o:fedoraproject:fedora:34:::::::* cpe:2.3:o:linux:linux_kernel:5.17:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.17:rc1:::::: cpe:2.3:o:fedoraproject:fedora:35:::::::*

18 Mar 2022, 22:15

Type	Values Removed	Values Added
References		(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/ -

18 Mar 2022, 21:15

Type	Values Removed	Values Added
References		(FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BG4J46EMFPDD5QHYXDUI3PJCZQ7HQAZR/ -

18 Mar 2022, 19:12

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-03-18 18:15

Updated : 2023-12-10 14:22

NVD link : CVE-2022-1011

Mitre link : CVE-2022-1011

CVE.ORG link : CVE-2022-1011

JSON object : View

Products Affected

netapp

h700s_firmware
h700e
h700e_firmware
h700s
h300s_firmware
h300s
h300e
h500e_firmware
h410c_firmware
h500s
h410c
h410s
h410s_firmware
h500s_firmware
h300e_firmware
h500e

debian

debian_linux

redhat

enterprise_linux_server_aus
enterprise_linux_server_tus
enterprise_linux_eus
enterprise_linux_for_real_time_for_nfv
enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
enterprise_linux_for_ibm_z_systems
enterprise_linux_for_power_little_endian_eus
codeready_linux_builder
enterprise_linux_for_ibm_z_systems_eus
build_of_quarkus
enterprise_linux_for_real_time_for_nfv_tus
virtualization_host
enterprise_linux_for_power_little_endian
developer_tools
enterprise_linux_for_real_time_tus
enterprise_linux
enterprise_linux_for_real_time
enterprise_linux_server_update_services_for_sap_solutions

linux

linux_kernel

fedoraproject

fedora

oracle

communications_cloud_native_core_binding_support_function

CWE

CWE-416

Use After Free

7.8 /10