Bug 2084183 (CVE-2022-21499) - CVE-2022-21499 kernel: possible to use the debugger to write zero into a location of choice
Summary: CVE-2022-21499 kernel: possible to use the debugger to write zero into a loca...
Keywords:
Status: NEW
Alias: CVE-2022-21499
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2104748 2104749 2104750 2104751 2096817
Blocks: 2084172
TreeView+ depends on / blocked
 
Reported: 2022-05-11 15:30 UTC by Marian Rehak
Modified: 2022-07-16 03:20 UTC (History)
52 users (show)

Fixed In Version: kernel 5.19 rc1
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the kernel/debug/debug_core.c in the Linux kernel in lockdown mode. This flaw allows an attacker with local access to trigger the debugger, bypass lockdown and write anonymously.
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Marian Rehak 2022-05-11 15:30:58 UTC
A flaw was found in kernel/debug/debug_core.c in the Linux kernel in the lockdown mode.  In this flaw, an attacker with local access could trigger the debugger, bypass lockdown and write anonymously.

In this flaw, KGDB and KDB allow read and write access to kernel memory, and thus should not be allowed during lockdown. An attacker with access to a serial port could trigger the debugger and use it to bypass lockdown.

Reference:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eadb2f47a3ced5c64b23b90fd2a3463f63726066

Comment 2 Marian Rehak 2022-06-14 11:14:20 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2096817]

Comment 4 Justin M. Forbes 2022-06-16 14:12:40 UTC
This was fixed for Fedora with the 5.17.10 stable kernel updates.


Note You need to log in before you can comment on or make changes to this bug.