CVE-2022-29968

HIGH

Linux kernel <5.17.5 - Info Disclosure

Title source: llm
STIX 2.1

Description

An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.

Exploits (1)

nomisec WORKING POC 20 stars
by jprx · poc
https://github.com/jprx/CVE-2022-29968

References (5)

Scores

CVSS v3 7.8
EPSS 0.0166
EPSS Percentile 82.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-909
Status published
Products (10)
fedoraproject/fedora 34
fedoraproject/fedora 35
fedoraproject/fedora 36
linux/linux_kernel < 5.17.5
netapp/h300s_firmware
netapp/h410c_firmware
netapp/h410s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
netapp/solidfire_\&_hci_management_node
Published May 02, 2022
Tracked Since Feb 18, 2026