What is the severity of CVE-2022-1462?

CVE-2022-1462 is considered a high-severity vulnerability due to the potential for user-triggered race conditions leading to memory leakage.

How do I fix CVE-2022-1462?

To fix CVE-2022-1462, update your Linux kernel to the appropriate patched version as specified for your distribution.

Which Linux kernel versions are affected by CVE-2022-1462?

CVE-2022-1462 affects specific versions of the Linux kernel, particularly prior to 4.18.0-477.10.1 and certain 5.x series versions.

Is CVE-2022-1462 present in Red Hat Enterprise Linux?

Yes, CVE-2022-1462 is present in versions of Red Hat Enterprise Linux 8 and 9 before the patched versions were released.

What type of vulnerability is CVE-2022-1462?

CVE-2022-1462 is an out-of-bounds read vulnerability resulting from a race condition in the Linux kernel's TeleTYpe subsystem.

Vulnerability/
CVE-2022-1462

medium

6.3

CWE

362 366

25/4/2022

9/5/2022

31/5/2022

21/11/2024

CVE-2022-1462: Race Condition

First published: Mon Apr 25 2022(Updated: )

A possible race condition vulnerability in drivers/tty/tty_buffers.c

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/kernel-rt	<0:4.18.0-477.10.1.rt7.274.el8_8	0:4.18.0-477.10.1.rt7.274.el8_8
redhat/kernel	<0:4.18.0-477.10.1.el8_8	0:4.18.0-477.10.1.el8_8
redhat/kernel	<0:5.14.0-284.11.1.el9_2	0:5.14.0-284.11.1.el9_2
redhat/kernel-rt	<0:5.14.0-284.11.1.rt14.296.el9_2	0:5.14.0-284.11.1.rt14.296.el9_2
redhat/kernel	<5.5	5.5
Linux Kernel
Red Hat Enterprise Linux	=8.0
Red Hat Enterprise Linux	=9.0
Debian Linux	=10.0
debian/linux		5.10.223-1 5.10.234-1 6.1.129-1 6.1.135-1 6.12.22-1 6.12.25-1

Remedy

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is the severity of CVE-2022-1462?
CVE-2022-1462 is considered a high-severity vulnerability due to the potential for user-triggered race conditions leading to memory leakage.
How do I fix CVE-2022-1462?
To fix CVE-2022-1462, update your Linux kernel to the appropriate patched version as specified for your distribution.
Which Linux kernel versions are affected by CVE-2022-1462?
CVE-2022-1462 affects specific versions of the Linux kernel, particularly prior to 4.18.0-477.10.1 and certain 5.x series versions.
Is CVE-2022-1462 present in Red Hat Enterprise Linux?
Yes, CVE-2022-1462 is present in versions of Red Hat Enterprise Linux 8 and 9 before the patched versions were released.
What type of vulnerability is CVE-2022-1462?
CVE-2022-1462 is an out-of-bounds read vulnerability resulting from a race condition in the Linux kernel's TeleTYpe subsystem.

collector/redhat-cve
agent/type
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/severity
agent/weakness
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2022-1462
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/remedy
agent/trending
agent/source
agent/author
collector/usn-cve
source/Ubuntu
agent/description
agent/event
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-index
agent/tags
agent/softwarecombine
collector/security-tracker-debian
source/Debian
package-manager/redhat
vendor/linux
canonical/linux kernel
vendor/redhat
canonical/red hat enterprise linux
version/red hat enterprise linux/8.0
version/red hat enterprise linux/9.0
vendor/debian
canonical/debian linux
version/debian linux/10.0
package-manager/debian