CVE-2022-2590
Summary
| CVE | CVE-2022-2590 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-08-31 16:15:00 UTC |
|---|
| Updated | 2023-05-26 19:42:00 UTC |
|---|
| Description | A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Operating System |
Linux |
Linux Kernel |
All |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| [PATCH v1] mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW - David Hildenbrand |
MISC |
lore.kernel.org |
|
| [PATCH v1] mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW - David Hildenbrand |
MISC |
lore.kernel.org |
|
| oss-security - CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without
write permissions |
MISC |
www.openwall.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 182374 Debian Security Update for linux (CVE-2022-2590)
- 199334 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6071-1)
