CVE-2022-2959

Summary

A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.

Affected Software

VendorProductVersion RangeStatus
n/akernelFixed in kernel 5.19affected

Weaknesses

  • CWE-667: CWE-667

ADP Enrichment

CVE Program Container

Additional References

References