A security investigator has discovered three new code execution flaws in the Linux kernel that might be exploited by a local or external adversary to take control of the vulnerable computers and run arbitrary code. The roccat_report_event function in drivers/hid/hid-roccat.c has a use-after-free vulnerability identified as CVE-2022–41850 (CVSS score: 8.4). A local attacker might exploit this flaw to run malicious script on the system by submitting a report while copying a report->value. Patch has be released to addresses the Linux Kernel 5.19.12 vulnerability CVE-2022–41850.
The second flaw tracked as CVE-2022–41848 (CVSS score: 6.8), is also a use-after-free flaw due to a race condition between mgslpc_ioctl and mgslpc_detach in drivers/char/pcmcia/synclink_cs.c. By removing a PCMCIA device while calling ioctl, an attacker could exploit this vulnerability to execute arbitrary code on the system. The bug affects Linux Kernel 5.19.12 and was fixed via this patch.
Due to a compatibility issues between mgslpc ioctl and mgslpc detach in drivers/char/pcmcia/synclink cs.c, the second vulnerability, tagged as CVE-2022–41848 (CVSS score: 6.8), is likewise a use-after-free vulnerability. An adversary might use this flaw to run malicious script on the computer by deleting a PCMCIA device while executing ioctl. There is a patch that corrects this flaw that was present in the Linux Kernel 5.19.12.
Comments are closed.