CVE-2022-1198
published 2022-08-29CVE-2022-1198: A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 5.16.18-1 (bookworm) | linux 5.16.18-1 (bookworm) |
| linux | linux_kernel | < 5.17 | 5.17 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.113-1 | 5.10.113-1 |
| linux | linux_kernel | >= 0 < 5.16.18-1 | 5.16.18-1 |
| linux | linux_kernel | >= 0 < 5.16.18-1 | 5.16.18-1 |
| linux | linux_kernel | >= 0 < 5.16.18-1 | 5.16.18-1 |
| linux | linux_kernel | >= 0 < 4.15.0-189.200 | 4.15.0-189.200 |
| linux | linux_kernel | >= 0 < 5.4.0-117.132 | 5.4.0-117.132 |
| linux | linux_kernel | >= 0 < 5.15.0-37.39 | 5.15.0-37.39 |
| msrc | cbl2_kernel_5.15.67.1-4_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_kernel_5.10.144.1-1_on_cbl_mariner_1.0 | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv7.8HIGH
GHSA
GHSA-p4xr-65m7-ff65: A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack
ghsa_unreviewed·2022-08-29
CVE-2022-1198 [MEDIUM] CWE-416 GHSA-p4xr-65m7-ff65: A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
OSV
CVE-2022-1198: A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack
osv·2022-08-29·CVSS 5.5
CVE-2022-1198 [MEDIUM] CVE-2022-1198: A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
OSV
linux-azure vulnerabilities
osv·2022-07-28·CVSS 7.8
CVE-2021-4197 [HIGH] linux-azure vulnerabilities
linux-azure vulnerabilities
Eric Biederman discovered that the cgroup process migration implementation
in the Linux kernel did not perform permission checks correctly in some
situations. A local attacker could possibly use this to gain administrative
privileges. (CVE-2021-4197)
Jann Horn discovered that the FUSE file system in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-1011)
Duoming Zhou discovered that the 6pack protocol implementation in the Linux
kernel did not handle detach events properly in some situations, leading to
a use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash). (CVE-2022-1198)
Duo
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
osv·2022-07-13·CVSS 7.8
CVE-2021-4197 [HIGH] linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
Eric Biederman discovered that the cgroup process migration implementation
in the Linux kernel did not perform permission checks correctly in some
situations. A local attacker could possibly use this to gain administrative
privileges. (CVE-2021-4197)
Jann Horn discovered that the FUSE file system in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-1011)
Duoming Zhou discovered that the 6pack protocol implementation in the Linux
kernel did not handle detach events properl
OSV
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.
osv·2022-06-08·CVSS 6.5
[MEDIUM] linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did
not properly handle the removal of stateful expressions in some situations,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or e
OSV
linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi vulnerabilities
osv·2022-06-08·CVSS 4.4
CVE-2022-21499 [MEDIUM] linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi vulnerabilities
linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi vulnerabilities
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did
not properly handle the removal of stateful expressions in some situations,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or execute arbitrary code.
(CVE-2022-1966)
Billy Jheng Bing Jhong discovered that the CIFS network file system
implementation in the Linux ke
CISA ICS
Siemens SCALANCE, RUGGEDCOM Third-Party
cisa_ics·2023-03-16
Siemens SCALANCE, RUGGEDCOM Third-Party
ICS Advisory
##
Siemens SCALANCE, RUGGEDCOM Third-Party
Release DateMarch 16, 2023
Alert CodeICSA-23-075-01
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/Low attack complexity
- Vendor: Siemens
- Equipment: Busybox Applet affecting SCALANCE and RUGGEDCOM products
- Vulnerabilities: Out-of-bounds Write, Exposure of Sensitive Information to an Unauthorized Actor, Improper Locking, Improper Input Validation, NULL Pointer Deref
Microsoft
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
vendor_msrc·2022-08-09·CVSS 5.5
CVE-2022-1198 [MEDIUM] CWE-416 A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2022-07-28·CVSS 7.8
CVE-2022-1205 [HIGH] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Eric Biederman discovered that the cgroup process migration implementation
in the Linux kernel did not perform permission checks correctly in some
situations. A local attacker could possibly use this to gain administrative
privileges. (CVE-2021-4197)
Jann Horn discovered that the FUSE file system in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-1011)
Duoming Zhou discovered that the 6pack protocol implementation in the Linux
kernel did not handle detach events properly in some situations, leading to
a use-after-free vulnerability. A local attacke
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-07-13·CVSS 7.8
CVE-2022-1199 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Eric Biederman discovered that the cgroup process migration implementation
in the Linux kernel did not perform permission checks correctly in some
situations. A local attacker could possibly use this to gain administrative
privileges. (CVE-2021-4197)
Jann Horn discovered that the FUSE file system in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-1011)
Duoming Zhou discovered that the 6pack protocol implementation in the Linux
kernel did not handle detach events properly in some situations, leading to
a use-after-free vulnerability. A local attacker could
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-06-08·CVSS 4.4
CVE-2022-1671 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did
not properly handle the removal of stateful expressions in some situations,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or execute arbitrary code.
(CVE-2022-1966)
Billy Jheng Bing Jhong discovered that the CIFS network file system
implementation in the Linux kernel did not properly validate arguments to
ioctl()
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-06-08·CVSS 6.5
CVE-2022-28389 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did
not properly handle the removal of stateful expressions in some situations,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or execute arbitrary code.
(CVE-2022-1966)
It was discovered that the SCTP protocol implementation in the Linux kernel
did not properly verify VTAGs in some situations. A remote attacker could
Red Hat
kernel: use-after-free in drivers/net/hamradio/6pack.c
vendor_redhat·2022-03-28·CVSS 5.5
CVE-2022-1198 [MEDIUM] CWE-416 kernel: use-after-free in drivers/net/hamradio/6pack.c
kernel: use-after-free in drivers/net/hamradio/6pack.c
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
Statement: There was no shipped kernel version that was seen affected by this problem. These files are not built in our source code.
Package: kernel (Red Hat Enterprise Linux 6) - Not affected
Package: kernel (Red Hat Enterprise Linux 7) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 7) - Not affected
Package: kernel (Red Hat Enterprise Linux 8) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 8) - Not affected
Package: kernel (Red Hat Enterprise Linux 9) - Not affected
Package: kernel-rt (Red Hat Enterprise L
Debian
CVE-2022-1198: linux - A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c ...
vendor_debian·2022·CVSS 5.5
CVE-2022-1198 [MEDIUM] CVE-2022-1198: linux - A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c ...
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
Scope: local
bookworm: resolved (fixed in 5.16.18-1)
bullseye: resolved (fixed in 5.10.113-1)
forky: resolved (fixed in 5.16.18-1)
sid: resolved (fixed in 5.16.18-1)
trixie: resolved (fixed in 5.16.18-1)
No detection rules found.
No public exploits indexed.
https://access.redhat.com/security/cve/CVE-2022-1198https://bugzilla.redhat.com/show_bug.cgi?id=2070689https://github.com/torvalds/linux/commit/efe4186e6a1b54bf38b9e05450d43b0da1fd7739https://www.openwall.com/lists/oss-security/2022/04/02/3https://access.redhat.com/security/cve/CVE-2022-1198https://bugzilla.redhat.com/show_bug.cgi?id=2070689https://github.com/torvalds/linux/commit/efe4186e6a1b54bf38b9e05450d43b0da1fd7739https://www.openwall.com/lists/oss-security/2022/04/02/3
2022-08-29
Published