CVE-2022-0995
published 2022-03-25CVE-2022-0995: An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel…
PriorityP351high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
6.20%
92.6th percentile
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 5.16.18-1 (bookworm) | linux 5.16.18-1 (bookworm) |
| fedoraproject | fedora | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.106-1 | 5.10.106-1 |
| linux | linux_kernel | >= 0 < 5.16.18-1 | 5.16.18-1 |
| linux | linux_kernel | >= 0 < 5.16.18-1 | 5.16.18-1 |
| linux | linux_kernel | >= 0 < 5.16.18-1 | 5.16.18-1 |
| linux | linux_kernel | >= 0 < 5.15.0-138.148 | 5.15.0-138.148 |
| linux | linux_kernel | >= 0 < 4.4.0-278.312 | 4.4.0-278.312 |
| linux | linux_kernel | >= 0 < 4.15.0-237.249 | 4.15.0-237.249 |
| linux | linux_kernel | >= 0 < 4.15.0-247.259 | 4.15.0-247.259 |
| linux | linux_kernel | >= 0 < 5.4.0-212.232 | 5.4.0-212.232 |
| linux | linux_kernel | >= 0 < 5.4.0-218.238 | 5.4.0-218.238 |
| linux | linux_kernel | >= 0 < 5.15.0-138.148 | 5.15.0-138.148 |
| linux | linux_kernel | >= 0 < 5.15.0-141.151 | 5.15.0-141.151 |
| linux | linux_kernel | >= 0 < 6.8.0-57.59 | 6.8.0-57.59 |
| linux | linux_kernel | >= 0 < 6.8.0-59.61 | 6.8.0-59.61 |
| linux | linux_kernel | >= 5.11 < 5.15.29 | 5.15.29 |
| linux | linux_kernel | >= 5.16 < 5.16.5 | 5.16.5 |
| linux | linux_kernel | >= 5.8 < 5.10.106 | 5.10.106 |
| msrc | cbl2_kernel_5.15.32.1-3_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_kernel_5.10.111.1-1_on_cbl_mariner_1.0 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_debian7.8HIGH
vendor_msrc7.8HIGH
vendor_redhat7.8HIGH
vendor_ubuntu7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Kernel Live Patch Security Notice
osv·2025-05-29·CVSS 7.8
[HIGH] Kernel Live Patch Security Notice
Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been
resolved: nfsd: fix use-after-free due to delegation race A delegation
break could arrive as soon as we've called vfs_setlease. A delegation break
runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the
delegation to del_recall_lru. If we then exit nfs4_set_delegation without
hashing the delegation, it will be freed as soon as the callback is done
with it, without ever being removed from del_recall_lru. Symptoms show up
later as use-after-free or list corruption warnings, usually in the
laundromat thread. I suspect aba2072f4523 'nfsd: grant read delegations to
clients holding writes' made this bug easier to hit, but I looked as far
back as v3.0 and it looks to me it already had the
OSV
linux-xilinx-zynqmp vulnerabilities
osv·2025-05-02·CVSS 7.8
CVE-2022-0995 [HIGH] linux-xilinx-zynqmp vulnerabilities
linux-xilinx-zynqmp vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- SMB network file system;
- Network namespace;
- Ethernet bridge;
- Networking core;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2024-50
OSV
linux-aws-5.15 vulnerabilities
osv·2025-04-29·CVSS 7.8
CVE-2022-0995 [HIGH] linux-aws-5.15 vulnerabilities
linux-aws-5.15 vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- iSCSI Boot Firmware Table Attributes driver;
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2024-26837, CVE-2025-21993, CVE-2025-21702, CVE-2024-50248,
CVE-2024-46826, CVE-2024-50256, CV
OSV
linux-gcp-5.15 vulnerabilities
osv·2025-04-28·CVSS 7.8
CVE-2022-0995 [HIGH] linux-gcp-5.15 vulnerabilities
linux-gcp-5.15 vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data
OSV
linux-oracle-5.15 vulnerabilities
osv·2025-04-25·CVSS 7.8
CVE-2022-0995 [HIGH] linux-oracle-5.15 vulnerabilities
linux-oracle-5.15 vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2025-21993, CVE-2025-21703, CVE-2024-50248, CVE-2025-21700,
CVE-2024-50256, CVE-2025-21701, CVE-2024-56651, CVE-2025-21756,
CVE-2024-26837
OSV
linux-intel-iotg-5.15 vulnerabilities
osv·2025-04-24·CVSS 7.8
CVE-2022-0995 [HIGH] linux-intel-iotg-5.15 vulnerabilities
linux-intel-iotg-5.15 vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
OSV
linux-azure-fips vulnerabilities
osv·2025-04-24·CVSS 7.8
CVE-2022-0995 [HIGH] linux-azure-fips vulnerabilities
linux-azure-fips vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- Microsoft Azure Network Adapter (MANA) driver;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2024-26837, CVE-2024-50248, CVE-2025-21756, CVE-2025-21701,
CVE-2024-50256, CVE-2025-21993
OSV
linux-intel-iot-realtime, linux-realtime vulnerabilities
osv·2025-04-24·CVSS 7.8
CVE-2022-0995 [HIGH] linux-intel-iot-realtime, linux-realtime vulnerabilities
linux-intel-iot-realtime, linux-realtime vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2024-56651, CVE-2025-21756, CVE-2024-26837, CVE-2025-21700,
CVE-2024-46826, CVE-2024-50256, CVE-2024-50248, CVE-202
OSV
linux, linux-aws, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, lin
osv·2025-04-24·CVSS 7.8
[HIGH] linux, linux-aws, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, lin
linux, linux-aws, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-raspi vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- File systems
OSV
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
osv·2025-04-24·CVSS 7.8
CVE-2022-0995 [HIGH] linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2024-26837, CVE-2025-21993, CVE-2025-21702, CVE-2025-21700,
CVE-2025-21701, CVE-2024-50248, CVE-2024-56651, CVE-2
OSV
Kernel Live Patch Security Notice
osv·2025-04-16·CVSS 7.8
CVE-2022-0995 [HIGH] Kernel Live Patch Security Notice
Kernel Live Patch Security Notice
It was discovered that the watch_queue event notification system contained
an out-of-bounds write vulnerability. A local attacker could use this to
cause a denial of service or escalate their privileges.)(CVE-2022-0995)
In the Linux kernel, the following vulnerability has been
resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show()
Skip sessions that are being teared down (status == SES_EXITING) to avoid
UAF.)(CVE-2024-26928)
In the Linux kernel, the following vulnerability has been
resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break()
Skip sessions that are being teared down (status == SES_EXITING) to avoid
UAF.)(CVE-2024-35864)
In the Linux kernel, the following vulnerability has been
resolved: HID: core: zero-initi
GHSA
GHSA-q5p3-3mpm-hppr: An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem
ghsa_unreviewed·2022-03-26
CVE-2022-0995 [HIGH] CWE-787 GHSA-q5p3-3mpm-hppr: An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
OSV
CVE-2022-0995: An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem
osv·2022-03-25·CVSS 7.8
CVE-2022-0995 [HIGH] CVE-2022-0995: An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
Ubuntu
Kernel Live Patch Security Notice
vendor_ubuntu·2025-05-29·CVSS 7.8
CVE-2022-0995 [HIGH] Kernel Live Patch Security Notice
Title: Kernel Live Patch Security Notice
Summary: Several security issues were fixed in the kernel.
In the Linux kernel, the following vulnerability has been
resolved: nfsd: fix use-after-free due to delegation race A delegation
break could arrive as soon as we've called vfs_setlease. A delegation break
runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the
delegation to del_recall_lru. If we then exit nfs4_set_delegation without
hashing the delegation, it will be freed as soon as the callback is done
with it, without ever being removed from del_recall_lru. Symptoms show up
later as use-after-free or list corruption warnings, usually in the
laundromat thread. I suspect aba2072f4523 'nfsd: grant read delegations to
clients holding writes' made this bug easier to hit, but
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities
vendor_ubuntu·2025-05-02·CVSS 7.8
CVE-2022-0995 [HIGH] Linux kernel (Xilinx ZynqMP) vulnerabilities
Title: Linux kernel (Xilinx ZynqMP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- SMB network file system;
- Network namespace;
- Ethernet bridge;
- Networking core;
- Ethtool driver;
-
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2025-04-29·CVSS 7.8
CVE-2024-26837 [HIGH] Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- iSCSI Boot Firmware Table Attributes driver;
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2024-26837, CVE-2
Ubuntu
Linux kernel (GCP) vulnerabilities
vendor_ubuntu·2025-04-28·CVSS 7.8
CVE-2024-56631 [HIGH] Linux kernel (GCP) vulnerabilities
Title: Linux kernel (GCP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- D
Ubuntu
Linux kernel (Oracle) vulnerabilities
vendor_ubuntu·2025-04-25·CVSS 7.8
CVE-2024-26837 [HIGH] Linux kernel (Oracle) vulnerabilities
Title: Linux kernel (Oracle) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2025-21993, CVE-2025-21703, CVE-2024-50248, CVE-2025-21700,
C
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities
vendor_ubuntu·2025-04-24·CVSS 7.8
CVE-2025-21703 [HIGH] Linux kernel (Azure FIPS) vulnerabilities
Title: Linux kernel (Azure FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- Microsoft Azure Network Adapter (MANA) driver;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2024-268
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-04-24·CVSS 7.8
CVE-2025-21703 [HIGH] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2024-56651, CVE-2025-21756, CVE-2024-26837, CVE-2025-21700
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-04-24·CVSS 7.8
CVE-2024-26837 [HIGH] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2024-26837, CVE-2025-21993, CVE-2025-21702, CVE-2025-21700,
CVE
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-04-24·CVSS 7.8
CVE-2025-21703 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- File systems infrastructure;
- NTFS3 file system;
- Ethernet bridge;
- Ethtool driver;
- IPv6 networking;
- Network traffic control;
- VMware vSockets driver;
(CVE-2025-21703, CVE-2024-56651, CVE-2024-50248, CVE-2025-21701,
CVE-2024-2
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities
vendor_ubuntu·2025-04-24·CVSS 7.8
CVE-2024-56631 [HIGH] Linux kernel (Intel IoTG) vulnerabilities
Title: Linux kernel (Intel IoTG) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drive
Ubuntu
Kernel Live Patch Security Notice
vendor_ubuntu·2025-04-16·CVSS 7.8
CVE-2024-50302 [HIGH] Kernel Live Patch Security Notice
Title: Kernel Live Patch Security Notice
Summary: Several security issues were fixed in the kernel.
It was discovered that the watch_queue event notification system contained
an out-of-bounds write vulnerability. A local attacker could use this to
cause a denial of service or escalate their privileges.)(CVE-2022-0995)
In the Linux kernel, the following vulnerability has been
resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show()
Skip sessions that are being teared down (status == SES_EXITING) to avoid
UAF.)(CVE-2024-26928)
In the Linux kernel, the following vulnerability has been
resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break()
Skip sessions that are being teared down (status == SES_EXITING) to avoid
UAF.)(CVE-2024-35864)
In the Linux kernel, t
Red Hat
kernel: kernel bug in the watch_queue subsystem
vendor_redhat·2022-03-11·CVSS 7.8
CVE-2022-0995 [HIGH] CWE-787 kernel: kernel bug in the watch_queue subsystem
kernel: kernel bug in the watch_queue subsystem
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
Statement: There was no shipped kernel version that was seen affected by this problem.
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat P
Microsoft
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state potentially allowing a local user t
vendor_msrc·2022-03-08·CVSS 7.8
CVE-2022-0995 [HIGH] CWE-787 An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state potentially allowing a local user t
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state potentially allowing a local user to gain privileged access or cause a denial of service on the system.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information
Debian
CVE-2022-0995: linux - An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_q...
vendor_debian·2022·CVSS 7.8
CVE-2022-0995 [HIGH] CVE-2022-0995: linux - An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_q...
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
Scope: local
bookworm: resolved (fixed in 5.16.18-1)
bullseye: resolved (fixed in 5.10.106-1)
forky: resolved (fixed in 5.16.18-1)
sid: resolved (fixed in 5.16.18-1)
trixie: resolved (fixed in 5.16.18-1)
Suricata
GPL NETBIOS DCERPC CoGetInstanceFromFile little endian overflow attempt
suricata·2010-09-23
CVE-2003-0995 GPL NETBIOS DCERPC CoGetInstanceFromFile little endian overflow attempt
GPL NETBIOS DCERPC CoGetInstanceFromFile little endian overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"GPL NETBIOS DCERPC CoGetInstanceFromFile little endian overflow attempt"; flow:established,to_server; flowbits:isset,smb.tree.bind.msqueue; content:"|05|"; depth:1; byte_test:1,&,16,3,relative; content:"|00|"; offset:1; depth:1; content:"|01 00|"; distance:19; within:2; byte_test:4,>,128,20,relative,little; reference:cve,2003-0995; reference:url,www.eeye.com/html/Research/Advisories/AD20030910.html; reference:url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx; classtype:attempted-admin; sid:2103158; rev:8; metadata:created_at 2010_09_23, cve CVE_2003_0995, confidence Medium, signature_severity Informational, updated_at 2022_04_18;)
arXiv
ATLANTIS: AI-driven Threat Localization, Analysis, and Triage Intelligence System
arxiv_fulltext·2025-09-18
ATLANTIS: AI-driven Threat Localization, Analysis, and Triage Intelligence System
Team Atlanta
Atlantis: AI-driven Threat Localization, Analysis, and Triage Intelligence System
Taesoo Kim,
HyungSeok Han,
Soyeon Park,
Dae R. Jeong,
Dohyeok Kim,
Dongkwan Kim,
Eunsoo Kim,
Jiho Kim,
Joshua Wang,
Kangsu Kim,
Sangwoo Ji,
Woosun Song,
Hanqing Zhao,
Andrew Chin,
Gyejin Lee,
Kevin Stevens,
Mansour Alharthi,
Yizhuo Zhai,
Cen Zhang,
Joonun Jang,
Yeongjin Jang,
Ammar Askar,
Dongju Kim,
Fabian Fleischer,
Jeongin Cho,
Junsik Kim,
Kyungjoon Ko,
Insu Yun,
Sangdon Park,
Dowoo Baik,
Haein Lee,
Hyeon Heo,
Minjae Gwon,
Minjae Lee,
Minwoo Baek,
Seunggi Min,
Wonyoung Kim,
Yonghwi Jin,
Younggi Park,
Yunjae Choi,
Jinho Jung,
Gwanhyun Lee,
Junyoung Jang,
Kyuheon Kim,
Yeonghyeon Cha,
and Youngjoon Kim
titlepage
.025
[b]
1.5cm
\ 20pt]
4cm
[ ][c]
[RGB]154,175,191
0.5cm
center
[height=4cm]
arXiv
Beyond Control: Exploring Novel File System Objects for Data-Only Attacks on Linux Systems
arxiv_fulltext·2024-09-07
Beyond Control: Exploring Novel File System Objects for Data-Only Attacks on Linux Systems
Beyond Control: Exploring Novel File System Objects for Data-Only Attacks on Linux Systems
Jinmeng Zhou, Jiayi Hu, Ziyue Pan, Jiaxun Zhu, Wenbo Shen, Guoren Li, Zhiyun Qian
Jinmeng Zhou, Jiayi Hu, Ziyue Pan, Jiaxun Zhu and Wenbo Shen are with the College of Computer Science and Technology at Zhejiang University, Hangzhou, Zhejiang, 310027, China.
Email: \jinmengzhou, hujiayi, ziyuepan, sevenswords, shenwenbo\@zju.edu.cn;
Guoren Li and Zhiyun Qian are with the Department of Computer Science and Engineering, University of California, Riverside 92521, USA.
Email: [email protected] and [email protected];
Wenbo Shen is the corresponding author.
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. XX, 20XX
Shell et al.: A Sample Article Using IEEEtran.cls for IEEE Journals
## Abstra
http://packetstormsecurity.com/files/166770/Linux-watch_queue-Filter-Out-Of-Bounds-Write.htmlhttp://packetstormsecurity.com/files/166815/Watch-Queue-Out-Of-Bounds-Write.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=2063786https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbbhttps://security.netapp.com/advisory/ntap-20220429-0001/http://packetstormsecurity.com/files/166770/Linux-watch_queue-Filter-Out-Of-Bounds-Write.htmlhttp://packetstormsecurity.com/files/166815/Watch-Queue-Out-Of-Bounds-Write.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=2063786https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbbhttps://security.netapp.com/advisory/ntap-20220429-0001/
2022-03-25
Published