The watch_queue event notification subsystem in the kernel has a couple of out of bounds writes that can be triggered by any user. These can be used to overwrite parts of the kernel state, potentially allowing the user to gain privileged access to or panic the system. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2064549]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-0995
Was just looking at CVE-2022-0995 and noticed that the CVSS vector on the Red Hat site is correct CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H but it is wrong in NVD CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H It's a High severity vulnerability either way but we feel that making sure that everyone realizes the impact includes Integrity is important. Is there a way that Red Hat can push an update to NVD? Thanks!!
Thank you, CVSS was corrected on the NVD.