CVE-2022-2590

HIGH

Linux Kernel - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-2590. PoCs published by hyeonjun17.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2022-2590, a Dirty COW variant in Linux kernel 6.0.0-rc1 that allows writing to read-only shared memory pages via a race condition involving UFFDIO_CONTINUE and FOLL_FORCE/FOLL_COW flags.

Description

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system.

Exploits (1)

nomisec WORKING POC 6 stars
by hyeonjun17 · poc
https://github.com/hyeonjun17/CVE-2022-2590-analysis

This repository contains a proof-of-concept exploit for CVE-2022-2590, a Dirty COW variant in Linux kernel 6.0.0-rc1 that allows writing to read-only shared memory pages via a race condition involving UFFDIO_CONTINUE and FOLL_FORCE/FOLL_COW flags.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Linux kernel 6.0.0-rc1 (commit 37887783b3fef877bf34b8992c9199864da4afcb)
No auth needed
Prerequisites: User namespace access · Ability to create userfaultfd · Access to /proc/<pid>/mem
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Mailing List, Third Party Advisory x_refsource_misc
https://www.openwall.com/lists/oss-security/2022/08/08/1

Scores

CVSS v3 7.0
EPSS 0.0090
EPSS Percentile 55.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-362
Status published
Products (1)
linux/linux_kernel 5.16 - 5.19.6
Published Aug 31, 2022
Tracked Since Feb 18, 2026