CVE-2022-48832

Published: Jul 16, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 open_how::flags As reported by Jeff, dereferencing the openat2 syscall argument in audit_match_perm() to obtain the open_how::flags can result in an oops/page-fault. This patch fixes this by using the open_how struct that we store in the audit_context with audit_openat2_how(). Independent of this patch, Richard Guy Briggs posted a similar patch to the audit mailing list roughly 40 minutes after this patch was posted.

Vendor	Product	Versions
Linux	Linux	affected `1c30e3af8a79260cdba833a719209b01e6b92300 - < 310c9ddfdf1f8d3c9834f02175eae79c8b254b6c` affected `1c30e3af8a79260cdba833a719209b01e6b92300 - < 7a82f89de92aac5a244d3735b2bd162c1147620c`
Linux	Linux	affected `5.16` unaffected `0 - < 5.16` unaffected `5.16.10 - <= 5.16.` unaffected `5.17 - <= `

References

https://git.kernel.org/stable/c/310c9ddfdf1f8d3c9834f02175eae79c8b254b6c

https://git.kernel.org/stable/c/7a82f89de92aac5a244d3735b2bd162c1147620c

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-48832

Description

Affected Products

References