CVE-2022-1055 - Fedoraproject Fedora, Canonical Ubuntu Linux and Linux Linux Kernel

March 29, 2022

Critical 7.8

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

Affected software

Fedoraproject Fedora

Canonical Ubuntu Linux

Linux Linux Kernel

Redhat Enterprise Linux

Reference links

https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc

CVE-2022-1055 - Fedoraproject Fedora, Canonical Ubuntu Linux and Linux Linux Kernel

Affected software

Reference links

Get alerted to vulnerabilities in your software