CVE-2022-1729
Severity | High |
Remote | No |
Type | Privilege escalation |
Description | A use-after-free flaw was found in the Linux kernel’s performance events functionality. A user triggers a race condition in setting up performance monitoring between the leading PERF_TYPE_TRACEPOINT and sub PERF_EVENT_HARDWARE plus the PERF_EVENT_SOFTWARE using the perf_event_open() function with these three types. This flaw allows a local user to crash or potentially escalate their privileges on the system. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2747 | linux-hardened | 5.17.9.hardened1-1 | 5.17.10.hardened1-1 | High | Fixed | |
AVG-2746 | linux-zen | 5.17.9.zen1-1 | 5.17.10.zen1-1 | High | Fixed | |
AVG-2745 | linux-lts | 5.15.41-1 | 5.15.42-1 | High | Fixed | |
AVG-2744 | linux | 5.17.9-1 | 5.17.10-1 | High | Fixed | |
References |
---|
https://www.openwall.com/lists/oss-security/2022/05/20/2 |
https://git.kernel.org/linus/3ac6487e584a1eb54071dbe1212e05b884136704 |
Notes |
---|
By default, except on linux-hardened, an unprivileged user can trigger the flaw. On kernels that support denying unprivileged users access to performance events, abusing the flaw requires root or a user with CAP_SYS_ADMIN or CAP_PERFMON, which reduces the attack surface. To confirm the current state, inspect the sysctl: `cat /proc/sys/kernel/perf_event_paranoid`. A value >=3 means that unprivileged users cannot use performance events, mitigating the flaw. A kernel update is required to mitigate the flaw for root or users with CAP_SYS_ADMIN or CAP_PERFMON capabilities. |
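
The check described in the notes, combined with the fixed versions from the table, as an added example that is not part of the advisory. The function names are hypothetical, `sort -V` stands in for pacman's version comparison, and the verdict assumes a kernel that honours `perf_event_paranoid` >= 3.

```shell
#!/bin/sh
# Added example: assess a host against CVE-2022-1729 from the advisory data.

# Fixed package versions, copied from the advisory table.
fixed_version() {
    case "$1" in
        linux-hardened) echo "5.17.10.hardened1-1" ;;
        linux-zen)      echo "5.17.10.zen1-1" ;;
        linux-lts)      echo "5.15.42-1" ;;
        linux)          echo "5.17.10-1" ;;
        *)              return 1 ;;
    esac
}

# Succeeds when installed version $2 of package $1 is at or above the fix.
# Assumption: sort -V ordering is adequate for these version strings.
pkg_is_fixed() {
    fixed=$(fixed_version "$1") || return 2
    lowest=$(printf '%s\n%s\n' "$fixed" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$fixed" ]
}

# Prints restricted (value >= 3), unrestricted (lower), or unknown
# (file missing or content not an integer).
perf_paranoid_state() {
    file=${1:-/proc/sys/kernel/perf_event_paranoid}
    [ -r "$file" ] || { echo unknown; return 0; }
    value=$(cat "$file")
    case "$value" in
        ''|-|*[!0-9-]*|?*-*) echo unknown; return 0 ;;
    esac
    if [ "$value" -ge 3 ]; then echo restricted; else echo unrestricted; fi
}

# assess PACKAGE INSTALLED_VERSION [SYSCTL_FILE]
assess() {
    if pkg_is_fixed "$1" "$2"; then echo "fixed"; return 0; fi
    case $(perf_paranoid_state "$3") in
        restricted)   echo "vulnerable: root, CAP_SYS_ADMIN or CAP_PERFMON only" ;;
        unrestricted) echo "vulnerable: any local user" ;;
        *)            echo "vulnerable: perf_event_paranoid unknown" ;;
    esac
}

# Example: sh check.sh linux "$(pacman -Q linux | cut -d' ' -f2)"
if [ "$#" -ge 2 ]; then assess "$@"; fi
```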