Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-2639
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
整数强制转换错误
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 数字错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在数字错误漏洞,该漏洞源于在 openvswitch 内核模块中发现整数强制错误。 给定足够多的操作,在为新流的新操作复制和保留内存时,reserve_sfa_size() 函数不会按预期返回 -EMSGSIZE,这可能会导致越界写入访问。 此漏洞允许本地用户崩溃或可能提升他们在系统上的权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-kernel kernel 5.18 -
II. Public POCs for CVE-2022-2639
#POC DescriptionSource LinkShenlong Link
1CVE-2022-2639 Linux kernel openvswitch local privilege escalationhttps://github.com/bb33bb/CVE-2022-2639-PipeVersionPOC Details
2Nonehttps://github.com/EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639POC Details
3Nonehttps://github.com/kakaroot1337/-2022-LOCALROOT-CVE-2022-2639POC Details
4Nonehttps://github.com/letsr00t/-2022-LOCALROOT-CVE-2022-2639POC Details
5Nonehttps://github.com/devetop/CVE-2022-2639-PipeVersionPOC Details
6Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E6%BC%8F%E6%B4%9E/Linux%20openvswitch%20%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E%20CVE-2022-2639.mdPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2022-2639
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: kernel
Same vendor: n/a
Same weakness: CWE-192
V. Comments for CVE-2022-2639

No comments yet

Leave a comment