{"api_version":"1","generated_at":"2026-04-22T20:06:56+00:00","cve":"CVE-2022-20141","urls":{"html":"https://cve.report/CVE-2022-20141","api":"https://cve.report/api/cve/CVE-2022-20141.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-20141","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-20141"},"summary":{"title":"CVE-2022-20141","description":"In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel","state":"PUBLIC","assigner":"security@android.com","published_at":"2022-06-15 14:15:00","updated_at":"2024-02-02 16:50:00"},"problem_types":["CWE-362"],"metrics":[],"references":[{"url":"https://source.android.com/security/bulletin/2022-06-01","name":"https://source.android.com/security/bulletin/2022-06-01","refsource":"MISC","tags":[],"title":"Android Security Bulletin—June 2022  |  Android Open Source Project","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-20141","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-20141","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"20141","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-20141","qid":"160583","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-2458)"},{"cve":"CVE-2022-20141","qid":"160692","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-2951)"},{"cve":"CVE-2022-20141","qid":"160766","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-12566)"},{"cve":"CVE-2022-20141","qid":"160767","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-12565)"},{"cve":"CVE-2022-20141","qid":"179363","title":"Debian Security Update for linux (CVE-2022-20141)"},{"cve":"CVE-2022-20141","qid":"241417","title":"Red Hat Update for kernel security (RHSA-2023:2458)"},{"cve":"CVE-2022-20141","qid":"241468","title":"Red Hat Update for kernel-rt (RHSA-2023:2148)"},{"cve":"CVE-2022-20141","qid":"241504","title":"Red Hat Update for kernel security (RHSA-2023:2951)"},{"cve":"CVE-2022-20141","qid":"241527","title":"Red Hat Update for kernel-rt (RHSA-2023:2736)"},{"cve":"CVE-2022-20141","qid":"242855","title":"Red Hat Update for kernel (RHSA-2024:0412)"},{"cve":"CVE-2022-20141","qid":"378043","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2023:0011)"},{"cve":"CVE-2022-20141","qid":"390285","title":"Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2023-0017)"},{"cve":"CVE-2022-20141","qid":"390286","title":"Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2023-0018)"},{"cve":"CVE-2022-20141","qid":"610417","title":"Google Android Devices June 2022 Security Patch Missing"},{"cve":"CVE-2022-20141","qid":"610422","title":"Google Android July 2022 Security Patch Missing for Huawei EMUI"},{"cve":"CVE-2022-20141","qid":"610423","title":"Google Android July 2022 Security Patch Missing for Samsung"},{"cve":"CVE-2022-20141","qid":"672045","title":"EulerOS Security Update for kernel (EulerOS-SA-2022-2225)"},{"cve":"CVE-2022-20141","qid":"672086","title":"EulerOS Security Update for kernel (EulerOS-SA-2022-2321)"},{"cve":"CVE-2022-20141","qid":"672139","title":"EulerOS Security Update for kernel (EulerOS-SA-2022-2428)"},{"cve":"CVE-2022-20141","qid":"672158","title":"EulerOS Security Update for kernel (EulerOS-SA-2022-2415)"},{"cve":"CVE-2022-20141","qid":"672218","title":"EulerOS Security Update for kernel (EulerOS-SA-2022-2619)"},{"cve":"CVE-2022-20141","qid":"672322","title":"EulerOS Security Update for kernel (EulerOS-SA-2022-2716)"},{"cve":"CVE-2022-20141","qid":"752340","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2377-1)"},{"cve":"CVE-2022-20141","qid":"752349","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2382-1)"},{"cve":"CVE-2022-20141","qid":"752354","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2393-1)"},{"cve":"CVE-2022-20141","qid":"752359","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2411-1)"},{"cve":"CVE-2022-20141","qid":"752360","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2407-1)"},{"cve":"CVE-2022-20141","qid":"752363","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2423-1)"},{"cve":"CVE-2022-20141","qid":"752364","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2422-1)"},{"cve":"CVE-2022-20141","qid":"752391","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2549-1)"},{"cve":"CVE-2022-20141","qid":"752463","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2809-1)"},{"cve":"CVE-2022-20141","qid":"753091","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2172-1)"},{"cve":"CVE-2022-20141","qid":"753140","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 26 for SLE 15 SP2) (SUSE-SU-2022:2779-1)"},{"cve":"CVE-2022-20141","qid":"753151","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 26 for SLE 15) (SUSE-SU-2022:2709-1)"},{"cve":"CVE-2022-20141","qid":"753184","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 11 for SLE 15 SP3) (SUSE-SU-2022:2738-1)"},{"cve":"CVE-2022-20141","qid":"753216","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 16 for SLE 15 SP3) (SUSE-SU-2022:2727-1)"},{"cve":"CVE-2022-20141","qid":"753219","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 14 for SLE 15 SP3) (SUSE-SU-2022:2726-1)"},{"cve":"CVE-2022-20141","qid":"753238","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 31 for SLE 15 SP1) (SUSE-SU-2022:2762-1)"},{"cve":"CVE-2022-20141","qid":"753246","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 29 for SLE 15 SP1) (SUSE-SU-2022:2728-1)"},{"cve":"CVE-2022-20141","qid":"753247","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 29 for SLE 15) (SUSE-SU-2022:2750-1)"},{"cve":"CVE-2022-20141","qid":"753277","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 28 for SLE 15 SP1) (SUSE-SU-2022:2700-1)"},{"cve":"CVE-2022-20141","qid":"753294","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 19 for SLE 15 SP3) (SUSE-SU-2022:2696-1)"},{"cve":"CVE-2022-20141","qid":"753296","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2177-1)"},{"cve":"CVE-2022-20141","qid":"753315","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 18 for SLE 15 SP3) (SUSE-SU-2022:2759-1)"},{"cve":"CVE-2022-20141","qid":"753319","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 7 for SLE 15 SP3) (SUSE-SU-2022:2766-1)"},{"cve":"CVE-2022-20141","qid":"753346","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 21 for SLE 15 SP2) (SUSE-SU-2022:2783-1)"},{"cve":"CVE-2022-20141","qid":"753366","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 27 for SLE 15 SP2) (SUSE-SU-2022:2781-1)"},{"cve":"CVE-2022-20141","qid":"753412","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 30 for SLE 15 SP1) (SUSE-SU-2022:2710-1)"},{"cve":"CVE-2022-20141","qid":"753443","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 24 for SLE 15 SP2) (SUSE-SU-2022:2776-1)"},{"cve":"CVE-2022-20141","qid":"753481","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 9 for SLE 15 SP3) (SUSE-SU-2022:2770-1)"},{"cve":"CVE-2022-20141","qid":"753489","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 17 for SLE 15 SP3) (SUSE-SU-2022:2732-1)"},{"cve":"CVE-2022-20141","qid":"941023","title":"AlmaLinux Security Update for kernel (ALSA-2023:2458)"},{"cve":"CVE-2022-20141","qid":"941061","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:2148)"},{"cve":"CVE-2022-20141","qid":"941096","title":"AlmaLinux Security Update for kernel (ALSA-2023:2951)"},{"cve":"CVE-2022-20141","qid":"941114","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:2736)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2022-20141","ASSIGNER":"security@android.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"Android","version":{"version_data":[{"version_value":"Android kernel"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Elevation of privilege"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://source.android.com/security/bulletin/2022-06-01","url":"https://source.android.com/security/bulletin/2022-06-01"}]},"description":{"description_data":[{"lang":"eng","value":"In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel"}]}},"nvd":{"publishedDate":"2022-06-15 14:15:00","lastModifiedDate":"2024-02-02 16:50:00","problem_types":["CWE-362"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7,"baseSeverity":"HIGH"},"exploitabilityScore":1,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":6.9},"severity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2022","CveId":"20141","Ordinal":"218893","Title":"CVE-2022-20141","CVE":"CVE-2022-20141","Year":"2022"},"notes":[{"CveYear":"2022","CveId":"20141","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}