CVE-2022-1011

Summary

CVE	CVE-2022-1011
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-03-18 18:15:00 UTC
Updated	2022-10-12 13:27:00 UTC
Description	A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

Risk And Classification

Problem Types: CWE-416

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Fedoraproject	Fedora	34	All	All	All
Operating System	Fedoraproject	Fedora	35	All	All	All
Operating System	Linux	Linux Kernel	All	All	All	All
Operating System	Linux	Linux Kernel	5.17	-	All	All
Operating System	Linux	Linux Kernel	5.17	rc1	All	All
Operating System	Linux	Linux Kernel	5.17	rc2	All	All
Operating System	Linux	Linux Kernel	5.17	rc3	All	All
Operating System	Linux	Linux Kernel	5.17	rc4	All	All
Operating System	Linux	Linux Kernel	5.17	rc7	All	All
Hardware	Netapp	H300e	-	All	All	All
Operating System	Netapp	H300e Firmware	-	All	All	All
Hardware	Netapp	H300s	-	All	All	All
Operating System	Netapp	H300s Firmware	-	All	All	All
Hardware	Netapp	H410c	-	All	All	All
Operating System	Netapp	H410c Firmware	-	All	All	All
Hardware	Netapp	H410s	-	All	All	All
Operating System	Netapp	H410s Firmware	-	All	All	All
Hardware	Netapp	H500e	-	All	All	All
Operating System	Netapp	H500e Firmware	-	All	All	All
Hardware	Netapp	H500s	-	All	All	All
Operating System	Netapp	H500s Firmware	-	All	All	All
Hardware	Netapp	H700e	-	All	All	All
Operating System	Netapp	H700e Firmware	-	All	All	All
Hardware	Netapp	H700s	-	All	All	All
Operating System	Netapp	H700s Firmware	-	All	All	All
Application	Netapp	Hci Baseboard Management Controller	h300e	All	All	All
Application	Netapp	Hci Baseboard Management Controller	h300s	All	All	All
Application	Netapp	Hci Baseboard Management Controller	h410c	All	All	All
Application	Netapp	Hci Baseboard Management Controller	h410s	All	All	All
Application	Netapp	Hci Baseboard Management Controller	h500e	All	All	All
Application	Netapp	Hci Baseboard Management Controller	h500s	All	All	All
Application	Netapp	Hci Baseboard Management Controller	h700e	All	All	All
Application	Netapp	Hci Baseboard Management Controller	h700s	All	All	All
Application	Oracle	Communications Cloud Native Core Binding Support Function	22.1.3	All	All	All
Application	Redhat	Build Of Quarkus	2.0	All	All	All
Application	Redhat	Codeready Linux Builder	-	All	All	All
Application	Redhat	Developer Tools	1.0	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All
Operating System	Redhat	Enterprise Linux	8.6	All	All	All
Operating System	Redhat	Enterprise Linux	6.0	All	All	All
Operating System	Redhat	Enterprise Linux	7.0	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All
Operating System	Redhat	Enterprise Linux Eus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux Eus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems	8.0	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems Eus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian	8.0	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian	8.0	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian Eus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian Eus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux For Real Time	8	All	All	All
Operating System	Redhat	Enterprise Linux For Real Time For Nfv	8	All	All	All
Operating System	Redhat	Enterprise Linux For Real Time For Nfv Tus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux For Real Time Tus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux Server Aus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	8.6	All	All	All
Operating System	Redhat	Enterprise Linux Server Tus	8.6	All	All	All
Operating System	Redhat	Enterprise Linux Server Update Services For Sap Solutions	8.6	All	All	All
Application	Redhat	Virtualization Host	4.0	All	All	All

References

Reference	Source	Link	Tags
Debian -- Security Information -- DSA-5173-1 linux	DEBIAN	www.debian.org
[SECURITY] Fedora 34 Update: kernel-5.16.15-101.fc34 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
kernel/git/mszeredi/fuse.git - FUSE	MISC	git.kernel.org
2064855 – (CVE-2022-1011) CVE-2022-1011 kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes	MISC	bugzilla.redhat.com
Linux FUSE Use-After-Free ≈ Packet Storm	MISC	packetstormsecurity.com
[SECURITY] Fedora 35 Update: kernel-5.16.15-201.fc35 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
[SECURITY] [DLA 3065-1] linux security update	MLIST	lists.debian.org
Oracle Critical Patch Update Advisory - July 2022	N/A	www.oracle.com
CVE-2022-1011 Linux Kernel Vulnerability in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

159825 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-1988)
160076 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9761)
179201 Debian Security Update for linux (CVE-2022-1011)
180282 Debian Security Update for linux (DLA 3065-1)
180605 Debian Security Update for linux (DSA 5173-1)
198747 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5381-1)
198824 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5467-1)
198858 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5515-1)
240275 Red Hat Update for kernel-rt (RHSA-2022:1975)
240298 Red Hat Update for kernel security (RHSA-2022:1988)
282491 Fedora Security Update for kernel (FEDORA-2022-9342e59a98)
282492 Fedora Security Update for kernel (FEDORA-2022-de4474b89d)
353293 Amazon Linux Security Advisory for kernel : ALAS2-2022-1793
353956 Amazon Linux Security Advisory for kernel : ALAS-2022-1591
376925 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0125)
377124 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0029)
390267 Oracle VM Server for x86 Security Update for kernel (OVMSA-2022-0024)
610432 Google Pixel Android August 2022 Security Patch Missing
671703 EulerOS Security Update for kernel (EulerOS-SA-2022-1735)
671734 EulerOS Security Update for kernel (EulerOS-SA-2022-1791)
671749 EulerOS Security Update for kernel (EulerOS-SA-2022-1808)
671804 EulerOS Security Update for kernel (EulerOS-SA-2022-1844)
671817 EulerOS Security Update for kernel (EulerOS-SA-2022-1868)
671862 EulerOS Security Update for kernel (EulerOS-SA-2022-1896)
671870 EulerOS Security Update for kernel (EulerOS-SA-2022-1934)
752036 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1183-1)
752081 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 43 for SLE 12 SP3) (SUSE-SU-2022:1440-1)
752116 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 44 for SLE 12 SP3) (SUSE-SU-2022:1641-1)
752120 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1651-1)
752125 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1686-1)
752231 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2082-1)
752237 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2083-1)
752240 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2103-1)
752242 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2104-1)
752250 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2111-1)
753082 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 30 for SLE 15 SP1) (SUSE-SU-2022:1593-1)
753137 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 15 for SLE 15 SP3) (SUSE-SU-2022:1453-1)
753273 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 28 for SLE 15) (SUSE-SU-2022:1329-1)
753287 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 29 for SLE 15 SP1) (SUSE-SU-2022:1335-1)
753390 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 14 for SLE 15 SP3) (SUSE-SU-2022:1326-1)
753417 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1163-1)
753427 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1407-1)
753445 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 12 for SLE 15 SP3) (SUSE-SU-2022:1369-1)
753453 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 26 for SLE 15 SP2) (SUSE-SU-2022:1634-1)
753471 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 29 for SLE 15) (SUSE-SU-2022:1598-1)
753703 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)
753707 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)
753727 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)
900767 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9084)
901144 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9087-1)
902479 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9084-1)
906020 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9084-2)
906258 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9087-2)
940517 AlmaLinux Security Update for kernel (ALSA-2022:1988)