CVE-2022-29582 log
| Source |
|
| Severity | High |
| Remote | No |
| Type | Sandbox escape |
| Description | A use-after-free flaw was found in the Linux kernel’s io_uring interface subsystem in the way a user triggers a race condition between timeout flush and removal. This flaw allows a local user to crash or escalate their privileges on the system. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2694 | linux-lts | 5.15.33-1 | 5.15.34-1 | High | Fixed | |
| AVG-2693 | linux-zen | 5.17.2.zen3-1 | 5.17.3.zen1-1 | High | Fixed | |
| AVG-2692 | linux-hardened | 5.17.3.hardened1-1 | 5.17.5.hardened1-1 | High | Fixed | |
| AVG-2691 | linux | 5.17.2.arch3-1 | 5.17.3.arch1-1 | High | Fixed |
| References |
|---|
http://www.openwall.com/lists/oss-security/2022/04/22/4 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e677edbcabee849bfdd43f1602bccbecf736a646 |