Linux Kernel security update-CVE-2022-28796

May 4, 2022

NAME

Linux Kernel OrganizationLinux Kernel

  • Platforms Affected:
    Linux Kernel

  • Risk Level:
    low

  • CVE Type:
    Use after free

DESCRIPTION

CVE-2022-28796 is a use after free vulnerability impacting Linux Kernel versions 5.17 and earlier. A proof of concept (PoC) was not observed publicly or in the underground.

CVSS Information:

  • CVSS 2.0 SCORE: 6.9
  • CVSS 3.0 SCORE: 7

  • Exploit Disclosed in the Public:
    true

  • Exploit Weaponised:


  • PoC Link:

MITIGATION

Linux Kernel Organization addressed the vulnerability in a software development platform saved commit change with a patch.

  • Reference Link:
    https://github.com/torvalds/linux/commit/cc16eecae687912238ee6efbff71ad31e2bc414e

  • Patch Available:
    available

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

Digital Patreon Wordmark FieryCoralv2

You may have missed

CISA Logo

CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

November 24, 2024
CISA Logo

CISA: CISA Releases Four Industrial Control Systems Advisories

November 24, 2024
CISA Logo

CISA: JCDC’s Industry-Government Collaboration Speeds Mitigation of CrowdStrike IT Outage

November 24, 2024
CISA Logo

CISA: CISA Releases Three Industrial Control Systems Advisories

November 24, 2024
CISA Logo

CISA: Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments

November 24, 2024