CVE-2022-1729

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-1729
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1729.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-1729
Downstream
Related
Published
2022-09-01T21:15:09.057Z
Modified
2026-03-17T23:55:53.331866Z
Severity
  • 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A race condition was found the Linux kernel in perfeventopen() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
c16fa4f2ad19908a47c63d8fa436a1178438c7e7
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
bfe01a5ba2490f299e1d2d5508cbbbadd897bbe9
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
bfa76d49576599a4b9f9b7a71f23d73d6dcff735
Fixed
3ac6487e584a1eb54071dbe1212e05b884136704
Database specific 
{
    "versions": [
        {
            "introduced": "3.2.85"
        },
        {
            "fixed": "3.3"
        },
        {
            "introduced": "3.16.40"
        },
        {
            "fixed": "3.17"
        },
        {
            "introduced": "3.18.54"
        },
        {
            "fixed": "3.19"
        }
    ]
}

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "4.0.0"
            },
            {
                "fixed": "4.9.316"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "4.10"
            },
            {
                "fixed": "4.14.281"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "4.15"
            },
            {
                "fixed": "4.19.245"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "4.20"
            },
            {
                "fixed": "5.4.196"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "5.5.0"
            },
            {
                "fixed": "5.10.118"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "5.11"
            },
            {
                "fixed": "5.15.42"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "5.16"
            },
            {
                "fixed": "5.17.10"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "h300s"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "h410s"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "h500s"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "h700s"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1729.json"