CVE-2022-4744

Summary

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.

Affected Software

VendorProductVersion RangeStatus
n/aKernelLinux kernel 5.16-rc7affected

Weaknesses

  • CWE-460: CWE-460 -> CWE-824

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References