CVE-2022-2959: Linux Kernel Watch Queue Race Condition Privilege Escalation Vulnerability

First published: Fri May 27 2022(Updated: )

A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/kernel	<0:5.14.0-162.12.1.el9_1	0:5.14.0-162.12.1.el9_1
redhat/kernel-rt	<0:5.14.0-162.12.1.rt21.175.el9_1	0:5.14.0-162.12.1.rt21.175.el9_1
redhat/kernel	<0:5.14.0-70.36.1.el9_0	0:5.14.0-70.36.1.el9_0
redhat/kernel-rt	<0:5.14.0-70.36.1.rt21.108.el9_0	0:5.14.0-70.36.1.rt21.108.el9_0
Linux Linux kernel	>=5.8<5.10.120
Linux Linux kernel	>=5.11<5.15.45
Linux Linux kernel	>=5.16<5.17.13
Linux Linux kernel	>=5.18<5.18.2
Linux kernel
redhat/kernel	<5.19	5.19
Google Android
ubuntu/linux	<5.15.0-47.51	5.15.0-47.51
ubuntu/linux	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-aws	<5.15.0-1019.23	5.15.0-1019.23
ubuntu/linux-aws	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-aws-5.0	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-aws-5.15	<5.15.0-1019.23~20.04.1	5.15.0-1019.23~20.04.1
ubuntu/linux-aws-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-aws-5.4	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-aws-6.5	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-aws-fips	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-aws-hwe	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-azure	<5.15.0-1019.24	5.15.0-1019.24
ubuntu/linux-azure	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-azure-4.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-azure-5.15	<5.15.0-1019.24~20.04.1	5.15.0-1019.24~20.04.1
ubuntu/linux-azure-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-azure-5.4	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-azure-6.5	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-azure-edge	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-azure-fde	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-azure-fde-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-azure-fips	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-bluefield	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-dell300x	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-fips	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gcp	<5.15.0-1017.23	5.15.0-1017.23
ubuntu/linux-gcp	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gcp-4.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gcp-5.15	<5.15.0-1017.23~20.04.2	5.15.0-1017.23~20.04.2
ubuntu/linux-gcp-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gcp-5.4	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gcp-6.5	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gcp-fips	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gke	<5.15.0-1015.18	5.15.0-1015.18
ubuntu/linux-gke	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gke-4.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gke-5.0	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gke-5.15	<5.15.0-1015.18~20.04.1	5.15.0-1015.18~20.04.1
ubuntu/linux-gke-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gke-5.4	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gkeop	<5.15.0-1002.4	5.15.0-1002.4
ubuntu/linux-gkeop	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gkeop-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-gkeop-5.4	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-hwe	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-hwe-5.15	<5.15.0-48.54~20.04.1	5.15.0-48.54~20.04.1
ubuntu/linux-hwe-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-hwe-5.4	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-hwe-6.5	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-hwe-edge	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-ibm	<5.15.0-1013.15	5.15.0-1013.15
ubuntu/linux-ibm	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-ibm-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-ibm-5.4	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-intel	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-intel-5.13	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-intel-iotg	<5.15.0-1015.20	5.15.0-1015.20
ubuntu/linux-intel-iotg	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-intel-iotg-5.15	<5.15.0-1015.20~20.04.2	5.15.0-1015.20~20.04.2
ubuntu/linux-intel-iotg-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-iot	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-kvm	<5.15.0-1017.21	5.15.0-1017.21
ubuntu/linux-kvm	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-laptop	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-lowlatency	<5.15.0-47.53	5.15.0-47.53
ubuntu/linux-lowlatency	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-lowlatency-hwe-5.15	<5.15.0-48.54~20.04.1	5.15.0-48.54~20.04.1
ubuntu/linux-lowlatency-hwe-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-lowlatency-hwe-6.5	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-lts-xenial	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-nvidia	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-nvidia-6.5	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oem	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oem-5.10	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oem-5.14	<5.14.0-1044.49	5.14.0-1044.49
ubuntu/linux-oem-5.14	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oem-5.17	<5.17.0-1013.14	5.17.0-1013.14
ubuntu/linux-oem-5.17	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oem-5.6	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oem-6.5	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oem-6.8	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oem-osp1	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oracle	<5.15.0-1017.22	5.15.0-1017.22
ubuntu/linux-oracle	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oracle-5.0	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oracle-5.13	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oracle-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oracle-5.4	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-oracle-6.5	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-raspi	<5.15.0-1014.16	5.15.0-1014.16
ubuntu/linux-raspi	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-raspi-5.4	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-raspi2	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-riscv	<5.15.0-1018.21	5.15.0-1018.21
ubuntu/linux-riscv	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-riscv-5.15	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-riscv-6.5	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-snapdragon	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-starfive	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-starfive-6.5	<5.19~<5.15.45	5.19~ 5.15.45
ubuntu/linux-xilinx-zynqmp	<5.19~<5.15.45	5.19~ 5.15.45
debian/linux		5.10.218-1 5.10.221-1 6.1.94-1 6.1.99-1 6.9.10-1 6.9.12-1

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

collector/redhat-cve
collector/nvd-index
agent/type
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/author
agent/remedy
agent/title
agent/severity
collector/zdi-advisory
source/ZDI
alias/ZDI-22-1165
alias/ZDI-CAN-17291
alias/CVE-2022-2959
agent/software-canonical-lookup
collector/redhat-bugzilla
source/Red Hat
agent/description
collector/nvd-cve
source/NVD
agent/weakness
agent/event
agent/references
collector/android-source
source/Android
agent/last-modified-date
collector/usn-cve
source/Ubuntu
agent/tags
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/mitre-cve
source/MITRE
package-manager/redhat
vendor/linux
canonical/linux linux kernel
version/linux linux kernel/5.8
version/linux linux kernel/5.11
version/linux linux kernel/5.16
version/linux linux kernel/5.18
canonical/linux kernel
vendor/google
canonical/google android
package-manager/ubuntu
package-manager/debian

CVE-2022-2959: Linux Kernel Watch Queue Race Condition Privilege Escalation Vulnerability

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact