vulnerability

CentOS Linux: CVE-2022-21499: Moderate: kernel-rt security and bug fix update (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Jun 9, 2022	Nov 9, 2022	May 25, 2023

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Jun 9, 2022

Added

Nov 9, 2022

Modified

May 25, 2023

Description

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Solutions

centos-upgrade-kernelcentos-upgrade-kernel-rt

References

DEBIAN-DSA-5161
NVD-CVE-2022-21499

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today