CVE-2022-24122
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-24122
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 5.14 到 5.16.4 中存在资源管理错误漏洞,当启用非特权用户命名空间时,允许使用后释放和特权升级,因为 ucounts 对象可以比其命名空间长。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2022-24122
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | CVE-2022-24122 Proof of Concept | https://github.com/meowmeowxw/CVE-2022-24122 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-24122
请登录查看更多情报信息。
Patches & Fixes for CVE-2022-24122 (2)
Mailing List Discussions for CVE-2022-24122 (2)
- https://www.openwall.com/lists/oss-security/2022/01/29/1x_refsource_MISC
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VVSZKUJAZ2VN6LJ35J2B6YD6BOPQTU3B/vendor-advisoryx_refsource_FEDORA
Same Patch Batch · n/a · 2022-01-29 · 7 CVEs total
| CVE-2021-46660 | Signiant flight 代码问题漏洞 | |
| CVE-2022-24123 | MarkText 跨站脚本漏洞 | |
| CVE-2022-24124 | Casdoor SQL注入漏洞 | |
| CVE-2021-46657 | MariaDB 资源管理错误漏洞 | |
| CVE-2021-46658 | MariaDB 资源管理错误漏洞 | |
| CVE-2021-46659 | MariaDB 安全漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2022-24122
No comments yet