[Debian] CVE: CVE-2022-4379: kernel: A use-after-free vulnerability
Bug #2015711 reported by
Yue Tao
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Peng Zhang |
Bug Description
CVE-2022-4379: https:/
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial
Score:
cve_id status cvss3Score av ac pr ui ai
CVE-2022-4379 fixed 7.5 AV:N/AC:
Upgrade Yocto kernel v5.10.177
Found during March 2023 CVE scan
CVE References
information type: | Public → Public Security |
tags: | added: stx.9.0 stx.security |
Changed in starlingx: | |
status: | New → Triaged |
importance: | Undecided → High |
assignee: | nobody → Peng Zhang (pzhang2) |
Changed in starlingx: | |
status: | Triaged → In Progress |
To post a comment you must log in.
Fix proposed to branch: master /review. opendev. org/c/starlingx /kernel/ +/881688
Review: https:/