Vulnerabilities > CVE-2022-25265 - Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
linux
netapp
CWE-913

Summary

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.

Vulnerable Configurations

Part Description Count
OS
Linux
5172
OS
Netapp
8
Hardware
Netapp
8