Vulnerabilities > CVE-2022-36123
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.
Vulnerable Configurations
References
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13
- https://github.com/sickcodes/security/blob/master/advisories/SICK-2022-128.md
- https://github.com/sickcodes/security/blob/master/advisories/SICK-2022-128.md
- https://github.com/torvalds/linux/commit/74a0032b8524ee2bd4443128c0bf9775928680b0
- https://github.com/torvalds/linux/commit/74a0032b8524ee2bd4443128c0bf9775928680b0
- https://github.com/torvalds/linux/commit/96e8fc5818686d4a1591bb6907e7fdb64ef29884
- https://github.com/torvalds/linux/commit/96e8fc5818686d4a1591bb6907e7fdb64ef29884
- https://security.netapp.com/advisory/ntap-20220901-0003/
- https://security.netapp.com/advisory/ntap-20220901-0003/
- https://sick.codes/sick-2022-128
- https://sick.codes/sick-2022-128