GSD-2022-1000483

See a problem?
Please try reporting it to the source first.

Source

https://data.gsd.id/GSD-2022-1000483

Import Source

https://github.com/cloudsecurityalliance/gsd-database/blob/main/2022/1000xxx/GSD-2022-1000483.json

JSON Data

https://api.osv.dev/v1/vulns/GSD-2022-1000483

Published

2022-02-27T03:13:08.782101Z

Modified

2023-02-22T09:46:48.848482Z

Summary

audit: don't deref the syscall args when checking the openat2 open_how::flags

Details

audit: don't deref the syscall args when checking the openat2 open_how::flags

This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.10 by commit 310c9ddfdf1f8d3c9834f02175eae79c8b254b6c, it was introduced in version v5.16 by commit 1c30e3af8a79260cdba833a719209b01e6b92300. For more details please see the references link.

References

Affected packages

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/
Events: Introduced

1c30e3af8a79260cdba833a719209b01e6b92300

Limit

310c9ddfdf1f8d3c9834f02175eae79c8b254b6c

Affected versions

v5.*

v5.15

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.16.1

v5.16.2

v5.16.3

v5.16.4

v5.16.5

v5.16.6

v5.16.7

v5.16.8

v5.16.9

Database specific

source

"https://github.com/cloudsecurityalliance/gsd-database/blob/main/2022/1000xxx/GSD-2022-1000483.json"