Vulnerabilities > CVE-2022-22942 - Use After Free vulnerability in VMWare Photon OS 3.0/4.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |
Common Weakness Enumeration (CWE)
References
- https://github.com/vmware/photon/wiki/Security-Update-3.0-356
- https://github.com/vmware/photon/wiki/Security-Update-3.0-356
- https://github.com/vmware/photon/wiki/Security-Update-4.0-148
- https://github.com/vmware/photon/wiki/Security-Update-4.0-148
- https://www.openwall.com/lists/oss-security/2022/01/27/4
- https://www.openwall.com/lists/oss-security/2022/01/27/4