Vulnerability allows escalation to root - CVE-2022-2639
search cancel

Vulnerability allows escalation to root - CVE-2022-2639

book

Article ID: 250665

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

According to a researcher's post, Linux Kernels up to version 5.18 would be affected.

Although the vulnerability was discovered in April, the researcher has made the exploit public for educational purposes:

https://github.com/veritas501/CVE-2022- 2639-PipeVersion.

The bug lies in the reserve_sfa_size function of the openvswitch module. Are we affected? Is there any line of work to solve it?

 

Environment

Release : 10.x

Component : API GATEWAY

Resolution

Latest update from RedHat says that RHEL7 kernel versions are not affected by this CVE,

Please check here https://access.redhat.com/security/cve/cve-2022-2639