CVE-2022-0480
Summary
| CVE | CVE-2022-0480 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-08-29 15:15:00 UTC |
|---|
| Updated | 2023-03-03 18:49:00 UTC |
|---|
| Description | A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| CVE-2022-0480 | Ubuntu |
MISC |
ubuntu.com |
|
| [patch 101/212] memcg: enable accounting for file lock caches - Andrew Morton |
MISC |
lore.kernel.org |
|
| kernel/git/torvalds/linux.git - Linux kernel source tree |
MISC |
git.kernel.org |
|
| [patch 101/212] memcg: enable accounting for file lock caches - Andrew Morton |
MISC |
lore.kernel.org |
|
| Host Memory Exhaustion Attack from Inside Kata Containers · Issue #3373 · kata-containers/kata-containers · GitHub |
MISC |
github.com |
|
| 2049700 – (CVE-2022-0480) CVE-2022-0480 kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion |
MISC |
bugzilla.redhat.com |
|
| Red Hat Customer Portal - Access to 24x7 support and knowledge |
MISC |
access.redhat.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 183102 Debian Security Update for linux (CVE-2022-0480)
- 243050 Red Hat Update for kernel (RHSA-2024:1250)
- 243059 Red Hat Update for kernel-rt (RHSA-2024:1303)
- 243060 Red Hat Update for kernel security (RHSA-2024:1304)
- 243062 Red Hat Update for kernel-rt (RHSA-2024:1306)
- 905672 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (13752)
