Vulnerability Details : CVE-2022-25265
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.
Exploit prediction scoring system (EPSS) score for CVE-2022-25265
Probability of exploitation activity in the next 30 days: 0.10%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 40 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2022-25265
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.4
|
MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
3.4
|
6.4
|
NIST |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2022-25265
-
The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-25265
-
https://github.com/x0reaxeax/exec-prot-bypass
GitHub - x0reaxeax/exec-prot-bypass: Bypassing Linux Executable Space Protection using 20+ years old tools.Exploit;Third Party Advisory
-
https://github.com/torvalds/linux/blob/1c33bb0507508af24fd754dd7123bd8e997fab2f/arch/x86/include/asm/elf.h#L281-L294
linux/elf.h at 1c33bb0507508af24fd754dd7123bd8e997fab2f · torvalds/linux · GitHubPatch;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20220318-0005/
CVE-2022-25265 Linux Kernel Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
Products affected by CVE-2022-25265
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:baseboard_management_controller_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*