Rewterz Threat Advisory – CVE-2022-22948 – VMware vCenter Server and Cloud Foundation Vulnerability
March 30, 2022Rewterz Threat Advisory – CVE-2022-25757 – Apache APISIX Vulnerability
March 30, 2022Rewterz Threat Advisory – CVE-2022-22948 – VMware vCenter Server and Cloud Foundation Vulnerability
March 30, 2022Rewterz Threat Advisory – CVE-2022-25757 – Apache APISIX Vulnerability
March 30, 2022Severity
High
Analysis Summary
CVE-2022-1048
Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the sound subsystem. By sending specially-crafted concurrent calls using PCM hw_params, an attacker could exploit this vulnerability to gain elevated privileges or crash the system.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-1048
Affected Vendors
Linux
Affected Products
- Linux Kernel 5.16
- Linux Kernel 5.17-rc8
Remediation
Upgrade to the latest version of Linux Kernel, available from the Linux Kernel Web site.