CVE-2022-0995
published 2022-03-25

Priority P351 | high | 7.8 CVSS 3.1
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 6.20% (92.6th percentile)

An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.

Affected

23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 5.16.18-1 (bookworm) | linux 5.16.18-1 (bookworm) |
| fedoraproject | fedora | | |
| linux | linux_kernel | | |
| linux | linux_kernel | | |
| linux | linux_kernel | >= 0 < 5.10.106-1 | 5.10.106-1 |
| linux | linux_kernel | >= 0 < 5.16.18-1 | 5.16.18-1 |
| linux | linux_kernel | >= 0 < 5.16.18-1 | 5.16.18-1 |
| linux | linux_kernel | >= 0 < 5.16.18-1 | 5.16.18-1 |
| linux | linux_kernel | >= 0 < 5.15.0-138.148 | 5.15.0-138.148 |
| linux | linux_kernel | >= 0 < 4.4.0-278.312 | 4.4.0-278.312 |
| linux | linux_kernel | >= 0 < 4.15.0-237.249 | 4.15.0-237.249 |
| linux | linux_kernel | >= 0 < 4.15.0-247.259 | 4.15.0-247.259 |
| linux | linux_kernel | >= 0 < 5.4.0-212.232 | 5.4.0-212.232 |
| linux | linux_kernel | >= 0 < 5.4.0-218.238 | 5.4.0-218.238 |
| linux | linux_kernel | >= 0 < 5.15.0-138.148 | 5.15.0-138.148 |
| linux | linux_kernel | >= 0 < 5.15.0-141.151 | 5.15.0-141.151 |
| linux | linux_kernel | >= 0 < 6.8.0-57.59 | 6.8.0-57.59 |
| linux | linux_kernel | >= 0 < 6.8.0-59.61 | 6.8.0-59.61 |
| linux | linux_kernel | >= 5.11 < 5.15.29 | 5.15.29 |
| linux | linux_kernel | >= 5.16 < 5.16.5 | 5.16.5 |
| linux | linux_kernel | >= 5.8 < 5.10.106 | 5.10.106 |
| msrc | cbl2_kernel_5.15.32.1-3_on_cbl_mariner_2.0 | | |
| msrc | cm1_kernel_5.10.111.1-1_on_cbl_mariner_1.0 | | |

CVSS provenance

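| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| osv | | 7.8 | HIGH | |
| vendor_debian | | 7.8 | HIGH | |
| vendor_msrc | | 7.8 | HIGH | |
| vendor_redhat | | 7.8 | HIGH | |
| vendor_ubuntu | | 7.8 | HIGH | |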