CVE-2022-0185

Description from NVD

A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.

Information Acquisition Date:2023-01-01T11:54Z

CVSS 2.0: 7.2 HIGH CVSS 3.x: 8.4 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

▼ CVSS2 Vec AV:L/AC:L/Au:N/C:C/I:C/A:C

Attack Vector (AV)	Network	Adjacent	Local
Access Complexity (AC)	Low	Medium	High
Authentication (Au)	None	Single	Multiple
Confidentiality (C)	None	Partial	Complete
Integrity (I)	None	Partial	Complete
Availability (A)	None	Partial	Complete

NVD References

https://github.com/Crusaders-of-Rust/CVE-2022-0185
source:MISC
tags:Exploit Third Party Advisory

https://www.openwall.com/lists/oss-security/2022/01/18/7
source:MISC
tags:Mailing List Patch Third Party Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2
source:MISC
tags:Mailing List Patch Vendor Advisory

https://www.willsroot.io/2022/01/cve-2022-0185.html
source:MISC
tags:Exploit Third Party Advisory

https://security.netapp.com/advisory/ntap-20220225-0003/
source:CONFIRM
tags:Third Party Advisory

This vulnerability may involve a PoC.

Description from Forti

RHSA-2022:0176-Security Advisory

Information Acquisition Date:2023/01/01

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag: Linux(1 tweets)

List of frequently cited URLs

URL	Num of Times Referred to
https://cvetrends.com	51
https://www.reddit.com/r/netsec	46
https://www.helpnetsecurity.com/2022/01/26/cve-2021-4034	31
http://cyberiqs.com/latestnews	27
https://www.armosec.io/blog/cve-2022-0185-kubernetes-users	9
http://twinybots.ch	8
https://opsmtrs.com/3fTgB6p	5
https://www.openwall.com/lists/oss-security/2022/01/25/14	5
https://www.hackthebox.com/blog/CVE-2022-0185:_A_case_study	5
https://www.willsroot.io/2022/01/cve-2022-0185.html	4
https://securityonline.info/poc-cve-2022-0185-linux-kernel-...	4
https://packetstormsecurity.com/files/165731/CVE-2022-0185-...	4
https://www.bleepingcomputer.com/news/security/linux-kernel...	4
https://jfrog.com/blog/the-impact-of-cve-2022-0185-linux-ke...	3
https://github.com/Crusaders-of-Rust/CVE-2022-0185	3
https://sysdig.com/blog/cve-2022-0185-container-escape	3
https://ubuntu.com/security/CVE-2022-0185	3
https://twitter.com/ryaagard/status/1483592308352294917	3
https://seclists.org/oss-sec/2022/q1/54	3
https://go.trellix.com/3Lgz9Mb	3
https://nickgregory.me/linux/security/2022/03/12/cve-2022-2...	3
https://blog.aquasec.com/cve-2022-0185-linux-kernel-contain...	3
https://cloud.google.com/kubernetes-engine/docs/release-notes	3
https://google.github.io/security-research/pocs/linux/cve-2...	3
https://access.redhat.com/security/cve/cve-2022-0185	3
https://www.crowdstrike.com/blog/cve-2022-0185-kubernetes-c...	3
https://rssfeeds.cloudsite.builders/2022/02/01/the-impact-o...	3

Information from Twitter

User	URL	Info Source	Date
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-0185	Source threatintelctr 1615460695952302086	2023/01/18

List of frequently cited URLs

URL	Num of Times Referred to
cvetrends.com	51
www.reddit.com	46
www.helpnetsecurity.com	31
cyberiqs.com	27
www.armosec.io	9
twinybots.ch	8
opsmtrs.com	5
www.openwall.com	5
www.hackthebox.com	5
www.willsroot.io	4
securityonline.info	4
packetstormsecurity.com	4
www.bleepingcomputer.com	4
jfrog.com	3
github.com	3
sysdig.com	3
ubuntu.com	3
twitter.com	3
seclists.org	3
go.trellix.com	3
nickgregory.me	3
blog.aquasec.com	3
cloud.google.com	3
google.github.io	3
access.redhat.com	3
www.crowdstrike.com	3
rssfeeds.cloudsite.builders	3

Information from Twitter

User	URL	Info Source
threatintelctr	nvd.nist.gov	Show Tweet

GitHub Search Results: Up to 10

Name	URL
Crusaders-of-Rust/CVE-2022-0185	https://github.com/Crusaders-of-Rust/CVE-2022-0185
chenaotian/CVE-2022-0185	https://github.com/chenaotian/CVE-2022-0185
veritas501/CVE-2022-0185-PipeVersion	https://github.com/veritas501/CVE-2022-0185-PipeVersion
featherL/CVE-2022-0185-exploit	https://github.com/featherL/CVE-2022-0185-exploit
discordianfish/cve-2022-0185-crash-poc	https://github.com/discordianfish/cve-2022-0185-crash-poc
chenaotian/CVE-2022-25636	https://github.com/chenaotian/CVE-2022-25636
shahparkhan/cve-2022-0185	https://github.com/shahparkhan/cve-2022-0185
khaclep007/CVE-2022-0185	https://github.com/khaclep007/CVE-2022-0185

GitHub Search Results: Up to 10

Name	URL
Crusaders-of-Rust/CVE-2022-0185	github.com
chenaotian/CVE-2022-0185	github.com
veritas501/CVE-2022-0185-PipeVersion	github.com
featherL/CVE-2022-0185-exploit	github.com
discordianfish/cve-2022-0185-crash-poc	github.com
chenaotian/CVE-2022-25636	github.com
shahparkhan/cve-2022-0185	github.com
khaclep007/CVE-2022-0185	github.com

2023/02/23 Score : 0
Added Har-sia Database : 2022/01/19
Last Modified : 2023/02/23
Highest Scored Date : 2022/01/26
Highest Score : 67