Home
Packages
Vulnerabilities
Vendors
Report
Policy
Login
Signup
« List of all CVEs
CVE-2022-2602
Published:
1/8/2024
Last updated:
4/17/2025
Reserved:
8/1/2022
io_uring UAF, Unix SCM garbage collection
CNA assigner:
canonical (cc1ad9ee-3454-478d-9317-d3e869d708bc)
Requested by:
n/a
Metrics
Version
Score
Severity
Vector String
3.1
5.3
Medium
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
Opam packages affected (27)
albatross
cdrom
conf-bpftool
conf-libbpf
conf-linux-libc-dev
core
core_unix
hvsock
mirage-block-unix
mm
ocaml-probes
orun
rawlink
rawlink-eio
rawlink-lwt
shell
solo5
solo5-bindings-hvt
solo5-bindings-spt
solo5-cross-aarch64
solo5-kernel-ukvm
tracy-client
tuntap
uring
vhd-format
vhd-format-lwt
xapi-stdext-unix
Products affected (1)
Product
Vendor
Version
linux
The Linux Kernel Organization
< abb07dc5e8b61ab7b1dde20dd73aa01a3aeb183f
References (14)
https://ubuntu.com/security/notices/USN-5692-1
https://ubuntu.com/security/notices/USN-5752-1
https://ubuntu.com/security/notices/USN-5693-1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602
https://ubuntu.com/security/notices/USN-5691-1
https://ubuntu.com/security/notices/USN-5700-1
http://packetstormsecurity.com/files/176533/Linux-Broken-Unix-GC-Interaction-Use-After-Free.html
https://ubuntu.com/security/notices/USN-5692-1
https://ubuntu.com/security/notices/USN-5752-1
https://ubuntu.com/security/notices/USN-5693-1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602
https://ubuntu.com/security/notices/USN-5691-1
https://ubuntu.com/security/notices/USN-5700-1
http://packetstormsecurity.com/files/176533/Linux-Broken-Unix-GC-Interaction-Use-After-Free.html
Credits (2)
1
David Bouman
1
Billy Jheng Bing Jhong working with Trend Micro's Zero Day Initiative