UBUNTU-CVE-2022-3424

Advisory lineage Upstream: 1 Downstream: 19
Upstream
CVE-2022-3424
Published: 10 Oct 2022, 00:00
Last modified:03 Jun 2026, 13:35

Vulnerability Summary

Overall Risk (default)
medium
31/100
CVSS Score
7.8 HIGH
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

10 Oct 2022, 00:00
Published
Vulnerability first disclosed
03 Jun 2026, 13:35
Last Modified
Vulnerability information updated

Description

A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.

CVSS Metrics

  • v3.1HIGHScore: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

  • ubuntulinux

    all | < 4.15.0-208.220 | < 5.4.0-144.161 | < 5.15.0-69.76

  • ubuntulinux-aws

    all | < 4.15.0-1153.166 | < 5.4.0-1097.105 | < 5.15.0-1033.37

  • ubuntulinux-aws-5.0

    all

  • ubuntulinux-aws-5.11

    all

  • ubuntulinux-aws-5.13

    all

  • ubuntulinux-aws-5.15

    < 5.15.0-1033.37~20.04.1

  • ubuntulinux-aws-5.3

    all

  • ubuntulinux-aws-5.4

    < 5.4.0-1097.105~18.04.1

  • ubuntulinux-aws-5.8

    all

  • ubuntulinux-aws-fips

    < 4.15.0-2092.98 | all | < 5.4.0-1099.107+fips1

  • ubuntulinux-aws-hwe

    < 4.15.0-1153.166~16.04.1

  • ubuntulinux-azure

    < 4.15.0-1162.177~14.04.1 | < 4.15.0-1162.177~16.04.1 | all | < 5.4.0-1104.110 | < 5.15.0-1035.42

  • ubuntulinux-azure-4.15

    < 4.15.0-1162.177

  • ubuntulinux-azure-5.11

    all

  • ubuntulinux-azure-5.13

    all

  • ubuntulinux-azure-5.15

    < 5.15.0-1035.42~20.04.1

  • ubuntulinux-azure-5.19

    < 5.19.0-1023.24~22.04.1

  • ubuntulinux-azure-5.3

    all

  • ubuntulinux-azure-5.4

    < 5.4.0-1104.110~18.04.1

  • ubuntulinux-azure-5.8

    all

  • ubuntulinux-azure-edge

    all

  • ubuntulinux-azure-fde

    < 5.15.0-1035.42.1

  • ubuntulinux-azure-fips

    < 4.15.0-2071.77 | all | < 5.4.0-1104.110+fips1

  • ubuntulinux-bluefield

    < 5.15.0-1015.17 | < 5.4.0-1059.65 | < 5.15.0-1015.17 | all

  • ubuntulinux-dell300x

    < 4.15.0-1062.67

  • ubuntulinux-fips

    all | < 4.15.0-1108.119 | < 5.4.0-1073.82

  • ubuntulinux-gcp

    < 4.15.0-1147.163~16.04.1 | all | < 5.4.0-1101.110 | < 5.15.0-1031.38

  • ubuntulinux-gcp-4.15

    < 4.15.0-1147.163

  • ubuntulinux-gcp-5.11

    all

  • ubuntulinux-gcp-5.13

    all

  • ubuntulinux-gcp-5.15

    < 5.15.0-1031.38~20.04.1

  • ubuntulinux-gcp-5.3

    all

  • ubuntulinux-gcp-5.4

    < 5.4.0-1101.110~18.04.1

  • ubuntulinux-gcp-5.8

    all

  • ubuntulinux-gcp-fips

    < 4.15.0-2055.60 | all | < 5.4.0-1101.110+fips1

  • ubuntulinux-gke

    < 5.4.0-1095.102 | < 5.15.0-1030.35

  • ubuntulinux-gke-4.15

    all

  • ubuntulinux-gke-5.15

    < 5.15.0-1029.34~20.04.1

  • ubuntulinux-gke-5.4

    all

  • ubuntulinux-gkeop

    < 5.4.0-1065.69 | < 5.15.0-1017.22

  • ubuntulinux-gkeop-5.15

    < 5.15.0-1017.22~20.04.1

  • ubuntulinux-gkeop-5.4

    all

  • ubuntulinux-hwe

    < 4.15.0-208.219~16.04.1 | all

  • ubuntulinux-hwe-5.11

    all

  • ubuntulinux-hwe-5.13

    all

  • ubuntulinux-hwe-5.15

    < 5.15.0-69.76~20.04.1

  • ubuntulinux-hwe-5.19

    < 5.19.0-40.41~22.04.1

  • ubuntulinux-hwe-5.4

    < 5.4.0-144.161~18.04.1

  • ubuntulinux-hwe-5.8

    all

  • ubuntulinux-hwe-edge

    all | all

Showing first 50 affected entries in server-rendered view.

References (23)