
Out-of-Bounds (OOB) Write Memory Flaw CVE-2022-0995

Introduction:

An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.

Vulnerability Release Time:
  • 2022-03-14 11:43 UTC
Vulnerability Impact & Type
  • Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).
  • Privilege Escalation
Affected Products:
  • This vulnerability exists in all Linux versions up to 5.17 RC1 till RC7
Fixed Versions
  • Kernel 5.17 RC8 and above
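
A quick exposure check against the version range listed above, as an added example that is not part of the original article: it classifies a kernel release string and looks for the upstream Kconfig symbol CONFIG_WATCH_QUEUE in a kernel config file. The function names, the status words and the /boot/config-<release> path are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the article). Range per the article: releases before
# 5.17-rc8 are affected, 5.17-rc8 and later are fixed.
# Caveat: stable and vendor kernels can carry the fix under an older version
# string, so "affected-range" means "confirm with the vendor advisory".

# kernel_status RELEASE -> prints affected-range | fixed-range | unknown
kernel_status() {
    r=$1
    base=${r%%-*}                         # "5.17.0-rc7-generic" -> "5.17.0"
    case "$base" in
        [0-9]*.[0-9]*) ;;
        *) echo unknown; return 0 ;;
    esac
    major=${base%%.*}
    rest=${base#*.}
    minor=${rest%%.*}
    case "$major.$minor" in
        *[!0-9.]*|*.) echo unknown; return 0 ;;
    esac
    rc=
    case "$r" in
        *-rc[0-9]*) rc=${r#*-rc}; rc=${rc%%[!0-9]*} ;;   # "-rc7-generic" -> 7
    esac
    if [ "$major" -lt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -lt 17 ]; }; then
        echo affected-range
    elif [ "$major" -eq 5 ] && [ "$minor" -eq 17 ] && [ -n "$rc" ] && [ "$rc" -lt 8 ]; then
        echo affected-range
    else
        echo fixed-range
    fi
}

# watch_queue_enabled FILE -> 0 if built in, 1 if not, 2 if FILE is unreadable
watch_queue_enabled() {
    [ -r "$1" ] || return 2
    grep -q '^CONFIG_WATCH_QUEUE=y$' "$1"
}

# Report for the running kernel; /boot/config-<release> is an assumed path.
rel=$(uname -r)
echo "kernel $rel: $(kernel_status "$rel")"
st=0
watch_queue_enabled "/boot/config-$rel" || st=$?
case $st in
    0) echo "CONFIG_WATCH_QUEUE=y: watch_queue is built in" ;;
    1) echo "CONFIG_WATCH_QUEUE not set: watch_queue is not built" ;;
    *) echo "no readable config at /boot/config-$rel" ;;
esac
```
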
Severity:

The software writes data past the end, or before the beginning, of the intended buffer. This typically occurs when the pointer or its index is incremented or decremented to a position beyond the bounds of the buffer, or when pointer arithmetic results in a position outside of the valid memory location, to name a few. This may result in corruption of sensitive information, a crash, or code execution, among other things.

CVSS v3.1:
  • Base Score: 7.2 (High)
  • CWE ID: 787
  • Vulnerability type: Low
  • Gained Access: None
  • Authentication: None
  • Confidentiality Impact: Complete
  • Integrity Impact: Complete
  • Availability Impact: Complete
  • Access Complexity: Low
Mitigation:

Mitigation for this issue is either not available or the currently available options don’t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Technical Analysis / Exploits:

1. Log in to my Linux machine as a normal user and show the Linux version I’m using.

2. Now let’s download the exploit data to our local machine. Use the below command to download the exploit data from the GitHub repository:
git clone https://github.com/Bonfee/CVE-2022-0995.git

3. After cloning the repository, change the current directory to the downloaded repository directory using the below command:
cd CVE-2022-0995
Then run the exploit:
./exploit

4. After the script completes its execution, you will successfully get the root user shell.

5. Now, use the below command to get a bash shell as the root user:
/bin/bash
Now you are at the root user bash shell and you can do everything as a root user.

Reference:
● https://github.com/Bonfee/CVE-2022-0995
● https://nvd.nist.gov/vuln/detail/CVE-2022-0995
● https://access.redhat.com/security/cve/cve-2022-0995

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About VRX
VRX is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.
