- 238/2022
- High
Linux has released security updates on multiple distributions.
Linux Kernel 5.1 through 5.19.x before 5.19.16 is vulnerable to various remote code execution vulnerabilities, allowing the attacker to execute arbitrary code on the system and cause a denial of service.
Sample of the addressed vulnerabilities:
1- Linux Kernel Code Execution (CVE-2022-42719):
- CVSS: 8
- Attack Vector: Adjacent Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Access
2- Linux Kernel Denial of Service (CVE-2022-41674):
- CVSS: 7.3
- Attack Vector: Adjacent Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Denial of Service
Vulnerabilities
• CVE-2022-42722
• CVE-2022-42721
• CVE-2022-42720
• CVE-2022-41674
• CVE-2022-42719
• Linux Kernel code execution
Mitigations
The enterprise should deploy the patches as soon as the testing phase is completed.