CVE-2022-1998 - Fedoraproject Fedora, Linux Linux Kernel and Redhat Enterprise Linux

June 9, 2022

Critical 7.8

A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

Affected software

Fedoraproject Fedora

Linux Linux Kernel

Redhat Enterprise Linux

Reference links

https://seclists.org/oss-sec/2022/q1/99
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/notify/fanotify/fanotify_user.c?h=v5.17&id=ee12595147ac1fbfb5bcb23837e26dd58d94b15d

CVE-2022-1998 - Fedoraproject Fedora, Linux Linux Kernel and Redhat Enterprise Linux

Affected software

Reference links

Get alerted to vulnerabilities in your software