Summaryinfo

A vulnerability classified as problematic has been found in Linux Kernel. This affects the function io_files_update_with_index_alloc. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2022-4127. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue. If you want to get best quality of vulnerability data, you may have to visit VulDB.

Detailsinfo

A vulnerability was found in Linux Kernel (Operating System) (unknown version). It has been rated as critical. Affected by this issue is the function io_files_update_with_index_alloc. The manipulation with an unknown input leads to a null pointer dereference vulnerability. Using CWE to declare the problem leads to CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. Impacted is availability. CVE summarizes:

A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. A local user could use this flaw to potentially crash the system causing a denial of service.

The weakness was presented 11/29/2022 as d785a773bed966a75ca1f11d108ae1897189975b. The advisory is available at github.com. This vulnerability is handled as CVE-2022-4127 since 11/23/2022. Technical details are known, but there is no available exploit.

Applying the patch d785a773bed966a75ca1f11d108ae1897189975b is able to eliminate this problem. The bugfix is ready for download at github.com.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Type

• Operating System

Vendor

• Linux

Name

• Kernel

License

• open-source

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion