CVE-2022-1280
published 2022-04-13CVE-2022-1280: A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local…
medium6.3CVSS 3.1
AVLACHPRLUINSUCHINAH
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 5.15.3-1 (bookworm) | linux 5.15.3-1 (bookworm) |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.15.3-1 | 5.15.3-1 |
| linux | linux_kernel | >= 0 < 5.15.3-1 | 5.15.3-1 |
| linux | linux_kernel | >= 0 < 5.15.3-1 | 5.15.3-1 |
| linux | linux_kernel | 5.17 – 5.17.4 | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.16.3MEDIUMCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
osv6.3MEDIUM
GHSA
GHSA-26c6-8j4f-jwqh: A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease
ghsa_unreviewed·2022-04-14
CVE-2022-1280 [MEDIUM] CWE-416 GHSA-26c6-8j4f-jwqh: A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
OSV
CVE-2022-1280: A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease
osv·2022-04-13·CVSS 6.3
CVE-2022-1280 [MEDIUM] CVE-2022-1280: A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
Red Hat
kernel: concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources
vendor_redhat·2022-04-07·CVSS 6.3
CVE-2022-1280 [MEDIUM] CWE-416 kernel: concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources
kernel: concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread i
Debian
CVE-2022-1280: linux - A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/dr...
vendor_debian·2022·CVSS 6.3
CVE-2022-1280 [MEDIUM] CVE-2022-1280: linux - A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/dr...
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
Scope: local
bookworm: resolved (fixed in 5.15.3-1)
bullseye: open
forky: resolved (fixed in 5.15.3-1)
sid: resolved (fixed in 5.15.3-1)
trixie: resolved (fixed in 5.15.3-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-04-13
Published