author | Salvatore Bonaccorso <carnil@debian.org> | 2022-05-26 22:53:33 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-05-26 22:53:33 +0200 |
commit | 5c3e1d5b71b6e045f5d6180d08fad980baab9c84 (patch) | |
tree | b1bd6c522fb9d7b153451e4f04b996182a8238a0 /active | |
parent | f62fe933fa791faa9c182e9bb6d145d7628310bc (diff) |
Add CVE-2022-1462
Diffstat (limited to 'active')
-rw-r--r-- | active/CVE-2022-1462 | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/active/CVE-2022-1462 b/active/CVE-2022-1462 new file mode 100644 index 000000000..c4533bdee --- /dev/null +++ b/active/CVE-2022-1462 @@ -0,0 +1,21 @@ +Description: +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2078466 +Notes: + carnil> As of 2022-05-26 not much details provided in RH bugzilla: + carnil> descriptions reads as An out-of-bounds read flaw was found in + carnil> the Linux kernel’s TeleTYpe subsystem. The issue occurs in + carnil> how a user triggers a race condition using ioctls TIOCSPTLCK + carnil> and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory + carnil> in the flush_to_ldisc function. This flaw allows a local user + carnil> to crash the system or read unauthorized random data from + carnil> memory. +Bugs: +upstream: +5.10-upstream-stable: +4.19-upstream-stable: +4.9-upstream-stable: +sid: +5.10-bullseye-security: +4.19-buster-security: +4.9-stretch-security: |
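Review bot: The `Description:` field at the top of the new file is left empty even though the Notes already carry the Red Hat summary. A one-line description drawn from that text (an out-of-bounds read in flush_to_ldisc, triggered by a race between the TIOCSPTLCK, TIOCGPTPEER, TIOCSTI and TCXONC ioctls) would make the entry identifiable without reading the notes. In the first two note lines, "not much details" and "descriptions reads as" should read "not many details" and "description reads as". The quoted text also carries a typographic apostrophe in "kernel’s", which is worth replacing with a plain ASCII one if the tracker files are expected to stay ASCII. `upstream:` and all the per-branch status fields are empty, so the entry records no fix or affected state yet; that matches the note that few details were available on 2022-05-26, but it should be revisited once the bugzilla entry gains a patch reference.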