Vulnerability Details : CVE-2022-0185
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.
Vulnerability category: Overflow
Exploit prediction scoring system (EPSS) score for CVE-2022-0185
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 24 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2022-0185
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
|
8.4
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.5
|
5.9
|
NIST |
CWE ids for CVE-2022-0185
-
The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Secondary)
-
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-0185
-
https://security.netapp.com/advisory/ntap-20220225-0003/
CVE-2022-0185 Linux Kernel Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://github.com/Crusaders-of-Rust/CVE-2022-0185
GitHub - Crusaders-of-Rust/CVE-2022-0185: CVE-2022-0185Exploit;Third Party Advisory
-
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2
kernel/git/torvalds/linux.git - Linux kernel source treeMailing List;Patch;Vendor Advisory
-
https://www.willsroot.io/2022/01/cve-2022-0185.html
Will's Root: CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google's KCTF ContainersExploit;Third Party Advisory
-
https://www.openwall.com/lists/oss-security/2022/01/18/7
oss-security - Linux kernel: Heap buffer overflow in fs_context.c since version 5.1Mailing List;Patch;Third Party Advisory
Products affected by CVE-2022-0185
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*