Vulnerabilities > CVE-2022-1055 - Use After Free vulnerability in multiple products

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

Vulnerable Configurations

Part Description Count
OS
Linux
453
OS
Redhat
1
OS
Fedoraproject
1
OS
Canonical
3
OS
Netapp
8
Hardware
Netapp
8

Common Weakness Enumeration (CWE)