Description
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
References (6)
Core 6
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory
https://bugs.chromium.org/p/project-zero/issues/detail?id=2230&can=7&q=modified-after%3Atoday-30&sort=-modified&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve&cells=tiles&redir=1
Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2036934
Patch, Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814
Third Party Advisory
https://security.netapp.com/advisory/ntap-20221111-0003/
Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Scores
CVSS v3
6.8
EPSS
0.0009
EPSS Percentile
25.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-362
CWE-416
Status
published
Products (17)
linux/linux_kernel
5.15 (4 CPE variants)
linux/linux_kernel
< 5.15
netapp/a700s_firmware
netapp/active_iq_unified_manager
netapp/bootstrap_os
netapp/e-series_santricity_os_controller
11.0.0 - 11.70.2
netapp/element_software
netapp/h300s_firmware
netapp/h410c_firmware
netapp/h410s_firmware
... and 7 more
Published
Mar 25, 2022
Tracked Since
Feb 18, 2026