Vulnerability Description
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.16, < 5.19.6 |
Related Weaknesses (CWE)
References
- https://lore.kernel.org/linux-mm/20220808073232.8808-1-david%40redhat.com/Vendor Advisory
- https://www.openwall.com/lists/oss-security/2022/08/08/1Mailing ListThird Party Advisory
- https://lore.kernel.org/linux-mm/20220808073232.8808-1-david%40redhat.com/Vendor Advisory
- https://www.openwall.com/lists/oss-security/2022/08/08/1Mailing ListThird Party Advisory
FAQ
What is CVE-2022-2590?
CVE-2022-2590 is a vulnerability with a CVSS score of 7.0 (HIGH). A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local ...
How severe is CVE-2022-2590?
CVE-2022-2590 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-2590?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.