CVE-2022-1729 - log

CVE-2022-1729 edited at 25 May 2022 19:14:43
Remote
- Unknown
+ Local
Description
- race condition in perf_event_open leads to privilege escalation
+ A use-after-free flaw was found in the Linux kernel’s performance events functionality. A user triggers a race condition in setting up performance monitoring between the leading PERF_TYPE_TRACEPOINT and sub PERF_EVENT_HARDWARE plus the PERF_EVENT_SOFTWARE using the perf_event_open() function with these three types. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Notes
+ By default, except on linux-hardened, an unprivileged user can trigger the attack. On kernels that support disallowing unprivileged use of performance events, abusing this flaw requires a privileged user with CAP_SYS_ADMIN, CAP_PERFMON or root, which reduces its attack surface.
+ To confirm the current state, inspect the sysctl with the command:
+
+ cat /proc/sys/kernel/perf_event_paranoid
+
+ A setting of >=3 means that unprivileged users cannot use performance events, which mitigates the flaw for them.
+ A kernel update will be required to mitigate the flaw for root or users with CAP_SYS_ADMIN or CAP_PERFMON capabilities.
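The check described in these notes, as an added shell example that is not part of the tracker entry: it combines the sysctl value with the caller's effective capabilities to say which of the notes' cases applies. The function names are hypothetical; the capability bit numbers (CAP_SYS_ADMIN = 21, CAP_PERFMON = 38) come from linux/capability.h, and the >=3 threshold is the one stated above.

```shell
#!/bin/sh
# Added example: classify exposure to CVE-2022-1729 following the notes above.
# Capability bits (linux/capability.h): CAP_SYS_ADMIN=21, CAP_PERFMON=38.

# has_cap HEXMASK BIT -> exit status 0 if BIT is set in the capability mask
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# perf_exposure PARANOID CAPEFF_HEX -> prints one of:
#   privileged  caller holds CAP_SYS_ADMIN or CAP_PERFMON; only a kernel update helps
#   restricted  perf_event_paranoid >= 3, unprivileged use of perf events is refused
#   exposed     an unprivileged caller can still use perf events
perf_exposure() {
    paranoid=$1 capeff=$2
    if has_cap "$capeff" 21 || has_cap "$capeff" 38; then
        echo privileged
    elif [ "$paranoid" -ge 3 ]; then
        echo restricted
    else
        echo exposed
    fi
}

# read_state -> prints "<perf_event_paranoid> <CapEff hex>" for this process
read_state() {
    p=$(cat /proc/sys/kernel/perf_event_paranoid 2>/dev/null) || return 1
    c=$(awk '/^CapEff:/ {print $2}' /proc/self/status 2>/dev/null) || return 1
    [ -n "$p" ] && [ -n "$c" ] && echo "$p $c"
}

# Live check when procfs is readable; otherwise report that it is not.
if state=$(read_state); then
    set -- $state
    echo "perf_event_paranoid=$1 CapEff=$2 -> $(perf_exposure "$1" "$2")"
else
    echo "procfs not readable; cannot determine perf_event_paranoid" >&2
fi
```

Run it as the account you want to assess, since CapEff is read from the calling process.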
CVE-2022-1729 edited at 24 May 2022 06:48:26
References
+ https://www.openwall.com/lists/oss-security/2022/05/20/2
+ https://git.kernel.org/linus/3ac6487e584a1eb54071dbe1212e05b884136704
CVE-2022-1729 created at 24 May 2022 06:44:52
Severity
+ High
Remote
+ Unknown
Type
+ Privilege escalation
Description
+ race condition in perf_event_open leads to privilege escalation
References
Notes