CVE-2022-32981

HIGH

Linux kernel <5.18.3 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-32981. PoCs published by SpiralBL0CK.

AI-analyzed exploit summary This repository contains a functional proof-of-concept exploit for CVE-2022-32981, targeting a kernel vulnerability. The exploit leverages memory corruption to achieve local privilege escalation (LPE) by manipulating kernel credentials.

Description

An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers.

Exploits (1)

nomisec WORKING POC
by SpiralBL0CK · poc
https://github.com/SpiralBL0CK/CVE-2022-32981

This repository contains a functional proof-of-concept exploit for CVE-2022-32981, targeting a kernel vulnerability. The exploit leverages memory corruption to achieve local privilege escalation (LPE) by manipulating kernel credentials.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Linux Kernel (specific version not specified)
No auth needed
Prerequisites: Kernel addresses for commit_creds and prepare_kernel_cred functions · Correct offset adjustment for the exploit function
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2022/06/14/3

Scores

CVSS v3 7.8
EPSS 0.0095
EPSS Percentile 56.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (2)
linux/linux_kernel 5.19 rc1
linux/linux_kernel < 5.18.3
Published Jun 10, 2022
Tracked Since Feb 18, 2026