CVE-2022-1462

Summary

An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.

Affected Software

VendorProductVersion RangeStatus
n/akernelno information yetaffected

Weaknesses

  • CWE-362: CWE-362

ADP Enrichment

CVE Program Container

Additional References

References