CVE-2022-1247
published 2022-08-31CVE-2022-1247: An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using…
high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their “count” and “use” are zero.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | — | — |
| fedoraproject | fedora | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.17.0HIGHCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.0HIGH
GHSA
GHSA-78wg-6vv7-mj9q: An issue found in linux-kernel that leads to a race condition in rose_connect()
ghsa_unreviewed·2022-09-01
CVE-2022-1247 [HIGH] CWE-362 GHSA-78wg-6vv7-mj9q: An issue found in linux-kernel that leads to a race condition in rose_connect()
An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their “count” and “use” are zero.
OSV
CVE-2022-1247: An issue found in linux-kernel that leads to a race condition in rose_connect()
osv·2022-08-31·CVSS 7.0
CVE-2022-1247 [HIGH] CVE-2022-1247: An issue found in linux-kernel that leads to a race condition in rose_connect()
An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their “count” and “use” are zero.
Red Hat
kernel: A race condition bug in rose_connect()
vendor_redhat·2022-05-11·CVSS 7.0
CVE-2022-1247 [HIGH] CWE-366 kernel: A race condition bug in rose_connect()
kernel: A race condition bug in rose_connect()
An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their “count” and “use” are zero.
Statement: There was no shipped kernel version that was seen affected by this problem. These files are not built in our source code.
Package: kernel (Red Hat Enterprise Linux 6) - Not affected
Package: kernel (Red Hat Enterprise Linux 7) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 7) - Not affected
Package: kernel (Red Hat Enterprise Linux 8) - Not affected
Package: kernel-rt (Red Hat Enterp
Debian
CVE-2022-1247: linux - An issue found in linux-kernel that leads to a race condition in rose_connect()....
vendor_debian·2022·CVSS 7.0
CVE-2022-1247 [HIGH] CVE-2022-1247: linux - An issue found in linux-kernel that leads to a race condition in rose_connect()....
An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their “count” and “use” are zero.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
No detection rules found.
No public exploits indexed.
2022-08-31
Published