CVE-2022-21505

CWE-346 CWE-3058 documents7 sources

Severity

6.7MEDIUM

EPSS

0.0%

top 86.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Corporation Oracle Linux Oracle Linux

Timeline

PublishedDec 24

Description

In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this does not cover cases where lockdown is used without Secure Boot. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity, Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages3 packages

▶Debianlinux< 5.10.136-1+3

▶NVDoracle/linux7, 8, 9+2

▶CVEListV5oracle_corporation/oracle_linuxOracle Linux: 7, Oracle Linux: 8, Oracle Linux: 9+2

🔴Vulnerability Details

OSV

CVE-2022-21505: In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure B↗2024-12-24

▶

CVEList

CVE-2022-21505: In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure B↗2024-12-24

▶

OSV

linux-oem-5.17 vulnerabilities↗2023-04-19

▶

Kernel

lockdown: Fix kexec lockdown bypass with ima policy↗2022-07-20

▶

📋Vendor Advisories

Ubuntu

Linux kernel (OEM) vulnerabilities↗2023-04-19

▶

Red Hat

kernel: lockdown bypass using IMA↗2022-07-19

▶

Debian

CVE-2022-21505: linux - In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot p...↗2022

▶