Bug 2150863 (CVE-2022-20154) - CVE-2022-20154 kernel: possible use after free in lock_sock_nested of sock.c for the SCTP protocol
Summary: CVE-2022-20154 kernel: possible use after free in lock_sock_nested of sock.c ...
Keywords:
Status: NEW
Alias: CVE-2022-20154
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2043822 2043823 2150864 2150872 2150873 2150874 2150875
Blocks: 2099268
Reported: 2022-12-05 12:59 UTC by Alex
Modified: 2023-09-19 14:13 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A use-after-free flaw due to a race condition was found in the Linux kernel’s sctp_diag module. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Alex 2022-12-05 12:59:18 UTC
In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed.

Reference:
https://github.com/torvalds/linux/commit/5ec7d18d1813a5bead0b495045606c93873aecbb

Comment 1 Alex 2022-12-05 12:59:44 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2150864]

Comment 4 Justin M. Forbes 2022-12-08 15:33:56 UTC
This was fixed for Fedora with the 5.15.13 stable kernel updates.

