Vulnerabilities > CVE-2022-1198 - Use After Free vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://access.redhat.com/security/cve/CVE-2022-1198
- https://access.redhat.com/security/cve/CVE-2022-1198
- https://bugzilla.redhat.com/show_bug.cgi?id=2070689
- https://bugzilla.redhat.com/show_bug.cgi?id=2070689
- https://github.com/torvalds/linux/commit/efe4186e6a1b54bf38b9e05450d43b0da1fd7739
- https://github.com/torvalds/linux/commit/efe4186e6a1b54bf38b9e05450d43b0da1fd7739
- https://www.openwall.com/lists/oss-security/2022/04/02/3
- https://www.openwall.com/lists/oss-security/2022/04/02/3